[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Recommendation on OASIS rule changes regarding TC charters
Hey, y'all - As discussed during the January 2021 CTI TC member meeting, last July the OASIS Board of Directors approved a revision of the Technical Committee (TC) Process. The revised TC Process came into force effective 01 December 2020. Â1.10 ("TC Vitality") of that revised TC Process [1] requires that every four years all OASIS Technical Committees review their charter and take one of four actions: 1) Continue with the current charter, 2) Continue with a "clarified" charter (cannot expand the scope of the TC), 3) Recharter the TC (necessary to expand the scope of the TC), or 4) Close the TC. Rich and I reviewed the revised process and the existing charter [2] and as discussed in January, we believe that option #2 from the list above is the right course of action for the moment. The current charter is a bit dated, making references to things such as CybOX which are no longer parts of the standard and therefore it makes sense to remove those. However, OASIS rules are quite clear that while you can *shrink* the scope of a TC (e.g., to remove references to CybOX) during a "clarification" of a charter, that any *expansions* in scope requires a full re-chartering of the TC. The way OASIS defines rechartering essentially requires the TC to be closed, and then re-opened under the new charter, and then everyone must rejoin the new TC. Given where we are right now, at long last just on the cusp of having STIX 2.1 and TAXII 2.1 as full OASIS Standards, we don't believe that it makes sense to recharter the CTI TC - *at this moment*. Rich and I are firmly convinced that there is a need for an extended conversation within the CTI TC about where we want to go in the future. But now is not the time for that future-visioning, "What do we want to work on next, and do we need to do a major re-chartering of the TC in order to do these amazing things we want to do?" conversation. The time for that conversation is *after* STIX 2.1 and TAXII 2.1 have reached full OASIS Standard status this summer. And it is very likely that the TC would benefit from having that conversation under fresh leadership. Therefore we've revised the charter [3] in the spirit of "clarification". We encourage you to review the proposed changes which we will be discussing during this month's full TC calls. Once the TC has reached consensus on the contents of the clarified charter, we'll ask OASIS to open the ballot to approve the changes. Please let us know if you have any questions or concerns. [1]: https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26/#tcVitality [2]: https://www.oasis-open.org/committees/cti/charter.php [3]: https://docs.google.com/document/d/11dQqe0YhdY1byKF5f9FckvNUq2lrcr1EmzWLd8_oxvU/edit?usp=sharing Thanks! Trey & Rich -- Trey Darley (he/him) Co-chair, OASIS CTI TC Systems and Security Architect, CERT.be -- The main trouble with juggling is that the balls go where you throw them. -- CERT.be / Centre for Cyber Security Belgium Mail: trey.darley@cert.be GPG: CA5B 29E4 937E 151E 2550 6607 AE9A 7FF2 8000 0E4E Web: https://www.cert.be -- Under the authority of the Prime Minister rue de la Loi 16/Wetstraat 16, 1000 Brussels - Belgium
Attachment:
signature.asc
Description: PGP signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]