OASIS Mailing List Archives

 



cti message



Subject: RE: [cti] [External] RE: [cti] Propose ITU STIX standard as agenda topic for next month


+1

 

STIX/TAXII is not without competition.

I believe the adoption by ITU will solidify its position.

 

Regards,

 

Ryu

 

From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> On Behalf Of Bret Jordan
Sent: Sunday, April 24, 2022 2:57 PM
To: Duncan Sparrell <duncan@sfractal.com>
Cc: JG @ OASIS <jg@ctin.us>; cti@lists.oasis-open.org
Subject: Re: [cti] [External] RE: [cti] Propose ITU STIX standard as agenda topic for next month

 

I know many here have not worked in a lot of standards bodies before, and that is okay. Cross standardization is not a new thing, nor is it something to be scared of. RFC 3339 that we use in STIX is cross standardized from ISO 8601. Yes, a few minor things were changed by the IETF, but that is really immaterial. The ITU-T SG17 is looking to standardize something for Cyber Threat Intelligence. ITU standards are the only standards that are put into treaties and cross border regulations. It would be in our best interest to do this. There is NO issue for our TC or our work product. If there was, I would NEVER have suggested it to the SG17 Chair. It is only an upside for us. Having the ITU bless this with an X. Number (think X.509, X.500) will enable our work product to gain a lot more attention and international adoption. Also a lot of countries will look to adopt it, BECAUSE it has an ITU blessing.

 

The worst case is that some member state in ITU-T SG17 starts up some work or brings a contribution, looking specifically at 2 countries, that proposes a different solution and it gets adopted. We love OASIS and the ability we have here to make progress quickly and without a lot of red-tape. OASIS is an awesome place to get people together to get work done. But please do not take offense, OASIS does not have the same clout on the international stage as ISO or ITU. Having ITU bless STIX and TAXII would be a HUGE win for us and has zero downside. Well maybe there is one tongue in cheek downside, we could get a lot of people paying attention and coming with a lot of suggestions for improvements as STIX and TAXII start being used everywhere. 

 

The risk is either not getting the broad recognition that an X. Number would bring, or getting competition by some other member state that brings a competition solution. 

 

Bret

 

 

 



On Apr 22, 2022, at 12:05 PM, duncan sfractal.com <duncan@sfractal.com> wrote:

 

Jane,

I don't disagree with anything you said, but are you implying that has some relevance to whether we propose STIX be an ITU standard? Note many OASIS standards have become ITU standards. Maybe Chet could provide a list of other OASIS standards that have become ITU standards?

 

Rob mentioned a concern over whether doing this put any restrictions on us. I do not believe it does. My belief is the other way round - OASIS puts the restrictions on the ITU. Maybe OASIS staff could provide us with the process and something on the experience of the many other TC's that have already done this?

 

At the meeting, my perception of the reservation raised seemed to be about STIX stability. I did not realize there are concerns about the stability of the standard and I would like to hear more about those concerns. But even if we intend to update it monthly (which I don't think will be the case), I still don't see that as a barrier to adoption by the ITU.

 

Note if we don't promote STIX to be the standard for threat intelligence, the ITU could conceivably make a different standard which I think would be a travesty. I wouldn't think they would do that since we have one ready-made and easy for them to adopt - as long as we are willing to provide it to them.

 

-- 

Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at http://vsre.info/

 

 

 

From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of JG @ OASIS <jg@ctin.us>
Date: Friday, April 22, 2022 at 12:44 PM
To: cti@lists.oasis-open.org <cti@lists.oasis-open.org>
Subject: Re: [cti] RE: [External] RE: [cti] Propose ITU STIX standard as agenda topic for next month

All:

Adding some information to this thread about ITU:

 

State of play: The U.S. is running a candidate to lead the International Telecommunication Union (ITU), the telecommunications agency of the UN.

  • If elected, Doreen Bogdan-Martin would be the first female secretary-general of the ITU, and the first U.S. leader since the 1960s.
  • Her competition is Russian candidate Rashid Ismailov, who previously worked for the Russian government and Huawei, as well as Nokia and Ericsson.


There's a battle brewing over how much of a role the ITU and governments should have over internet standards and protocols, with China and Russia advocating for the ITU to have more control over how the internet operates.

 

Source: https://www.axios.com/us-russia-internet-international-telecommunication-union-b1704192-495d-4fdc-95e2-cb923906c501.html

 

Jane Ginn
Cyber Threat Intelligence Network

 

 

On 4/22/2022 9:29 AM, Coderre, Rob wrote:

Jason,

 

Thanks for the info. That doesn't sound onerous, which was my biggest "concern".

 

Rob

 

From: Jason Keirstead <Jason.Keirstead@ca.ibm.com> 
Sent: Friday, April 22, 2022 12:13 PM
To: Coderre, Rob <robert.c.coderre@accenture.com>; Bret Jordan <bj@ctin.us>; Duncan Sparrell <duncan@sfractal.com>
Cc: cti@lists.oasis-open.org
Subject: [External] RE: [cti] Propose ITU STIX standard as agenda topic for next month

 

From my understanding this is simply a waterfall-sequence process by which a specific version is being "blessed" by ITU. There are no ramifications or restrictions on what OASIS or the CTI TC can release as updates, they just won't be part of that until there's an update. 

 

Maybe OASIS can do an out of band presentation on the ITU process?

 

--

Jason Keirstead

Distinguished Engineer, CTO - IBM Security Threat Management | www.ibm.com/security

Declare an Emergency: USA +1 888 241 9812, Global +1 312 212 8034

 

Assistant - Mauricio Durán Cambronero (mauduran@ibm.com)

See my calendar - https://ibm.biz/jkcalendar


Co-Chair - Open Cybersecurity Alliance, Project Governing Board

 


From: Coderre, Rob <robert.c.coderre@accenture.com>
Sent: Friday, April 22, 2022 12:39:37 PM
To: Jason Keirstead <Jason.Keirstead@ca.ibm.com>; Bret Jordan <bj@ctin.us>; Duncan Sparrell <duncan@sfractal.com>
Cc: cti@lists.oasis-open.org <cti@lists.oasis-open.org>
Subject: RE: [External] RE: [cti] Propose ITU STIX standard as agenda topic for next month

 

Jason,

 

Speaking for myself, I don't think there are any "concerns" per sé, but more questions around process and what ITU standardization means for updates and additions to the spec over time. Does acceptance and publication by ITU put any additional restrictions on things? I am generally in favor, as this would open up broader acceptance of the TC standards for international use. I just don't know enough about the process to make a truly informed decision.

 

Best,

Rob

 

From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> On Behalf Of Jason Keirstead
Sent: Thursday, April 21, 2022 7:11 PM
To: Bret Jordan <bj@ctin.us>; Duncan Sparrell <duncan@sfractal.com>
Cc: cti@lists.oasis-open.org
Subject: [External] RE: [cti] Propose ITU STIX standard as agenda topic for next month

 

I just want to chime in that, for whatever it's worth,  I fully support this as well. 

 

Unfortunately I could not make the meeting so I am unclear what if any concerns were raised - and am somewhat surprised there are any? - I am also interested in hearing them be raised on the list, as soon as possible.

 

 

--

Jason Keirstead

Distinguished Engineer, CTO - IBM Security Threat Management | www.ibm.com/security

Declare an Emergency: USA +1 888 241 9812, Global +1 312 212 8034

 

Assistant - Mauricio Durán Cambronero (mauduran@ibm.com)

See my calendar - https://ibm.biz/jkcalendar


Co-Chair - Open Cybersecurity Alliance, Project Governing Board

 

 


From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Bret Jordan <bj@ctin.us>
Sent: Thursday, April 21, 2022, 4:46 p.m.
To: Duncan Sparrell <duncan@sfractal.com>
Cc: cti@lists.oasis-open.org <cti@lists.oasis-open.org>
Subject: [EXTERNAL] Re: [cti] Propose ITU STIX standard as agenda topic for next month


I fully support this for both STIX 2.1 and TAXII 2.1. I was the one that originally floated the idea to the ITU-T SG17 Chair and the US and UK delegations. I still fully support this and would suggest that the TC vote on this so that it can be official. If there are any issues, as Duncan mentioned, please air them on the public mailing list so that they can be archived and documented. 

 

Thanks

Bret

 

 

On Apr 21, 2022, at 10:19 AM, duncan sfractal.com <duncan@sfractal.com> wrote:

 

I would like to propose that there be an agenda item on next month's TC call to discuss whether CTI TC should liaison with ITU on making STIX 2.1 an ITU standard.

 

My understanding (as official OASIS Liaison to ITU SG17 and attending most SG17 meetings for last few years) is that ITU has sent OASIS several liaisons requesting this. My understanding (from discussion with OASIS legal counsel) is that it was inappropriate prior to STIX becoming an OASIS standard (ie TC committee spec is not appropriate, but OASIS standard is) and that had been the holdup in the past. OASIS formally responded to ITU with that fact and implied that once STIX 2.1 was approved as standard, that OASIS would then proceed with ITU standardization. STIX 2.1 is now an OASIS standard so that hurdle is removed. Today was the first I'd heard that there are other concerns. I would like those concerns aired (ideally via email prior to next month's TC meeting) and a plan created to address them if possible so we at least know a proposed timeline on when we might proceed. Or to decide that ITU standardization is inappropriate if that is the will of the group (which I really hope it is not the case).

 

OASIS is proud that one of its advantages is that it has been a path to ITU standardization for many influential standards. In my opinion, ITU standardization would help address many of the issues brought up on today's call with respect to increasing STIX awareness and adoption, and a more global reach for the TC.

 

Ditto everything above for TAXII but in the interest of one-step-at-a-time, I'll settle for discussing STIX.

 

-- 

Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at http://vsre.info/

 

 

 




-- 
**********************************
R. Jane Ginn, MSIA, MRP
OASIS, CTI TC Co-Secretary
OASIS, TAC TC Secretary
jg@ctin.us
**********************************

 


