CTI Charter

I believe we should be semantically pedantic when discussing the charter and I may not have made my position clear. I am fine with rechartering if we feel it is necessary. What I want us to be very careful on is when we are discussing the scope of the CTI TC Charter. The minutes have the following statements:

“Based on the original TC charter, we’ve largely accomplished our goals!”
“These (interop and accessibility) are not in our current charter.”
“Recharter is necessary because Interop is not in our original charter”

I have issues with the above statements. Reminding everyone, here is the scope copied verbatim from our current charter at https://www.oasis-open.org/committees/cti/charter.php :

“Scope of Work

The OASIS CTI TC work is the continuing development of the STIX and TAXII standards, based on the needs identified by the CTI TC Members. The Standards Track Work Product efforts will be related to improving existing information representations for codifying, analyzing, or sharing of cyber threat intelligence as well as defining new information representations for covering additional Cyber Threat Intelligence use cases identified by the CTI TC.

In addition to Standards Track Work Products, the OASIS CTI TC work products may include supporting documentation, open source tooling, and any other materials deemed necessary to encourage the adoption of the TC's specifications.”

I don’t think we have met all the goals in the charter eg “to improving existing information representations for codifying, analyzing, or sharing of cyber threat intelligence as well as defining new information representations for covering additional Cyber Threat Intelligence use cases identified by the CTI TC.” Although I agree that we may have delivered the deliverables in the charter section 4, I alsoI think “to continue evolving capabilities based on requirements and capabilities identified by OASIS TC members” gives us plenty of room to continue working.

I strongly disagree that interop is outside the scope of the existing charter. It clearly is within the scope above. I have no issue with rechartering. I don’t even have an issue with increasing the scope of the existing charter – if it is necessary. Note OASIS makes a big distinction between increasing the scope of a TC charter (essentially equivalent to making a new TC) and modifying your charter but keeping or downsizing your scope. I don’t want us to go through a lot of unnecessary bureaucracy that we don’t need to. And I would like us to be able to continue working in the meantime. Recall we are not allowed to work on items outside our scope. That is why the scope exists. And why I’m so anal on being semantically pedantic.

So let’s be careful on our wording. Adding interop to the charter deliverables section is fine, but I have not heard anything yet that indicates we need to expand the scope of the TC charter. Be precise if something is missing from the deliverables section of the charter as there is a huge difference between

“Recharter is necessary because Interop is not in our original charter” (what is said in meeting minutes) and
“Recharter would be beneficial because Interop is not in the deliverables section of our current charter” (what I think was meant).

The former means it can not be worked on until the TC is rechartered with an increased scope though an onerous process. The later means it is within the current charter but we would like to highlight it, and it’s a fairly lightweight process to update the charter to contain it.

Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at http://vsre.info/

cti message