OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

openc2-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: TAB comments on OpenC2 public review drafts


Greetings!

The OASIS Technical Advisory Board (TAB) tries to comment on all OASIS
public drafts.

Attached you will find comments on:

Open Command and Control (OpenC2) Language Specification Version 1.0
Committee Specification Draft 07 / Public Review Draft 01

Open Command and Control (OpenC2) Profile for Stateless Packet Filtering
Version 1.0
Committee Specification Draft 04 / Public Review Draft 01

Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0
Committee Specification Draft 03 / Public Review Draft 01

It is not necessary to acknowledge the comments separately.
Acknowledging this email will be sufficient.

Please contact the TAB if we can be of assistance.

Hope you are at the start of a great week!

Patrick

-- 
Patrick Durusau
patrick@durusau.net
Technical Advisory Board, OASIS (TAB)
Editor, OpenDocument Format TC (OASIS), Project Editor ISO/IEC 26300
Co-Editor, ISO/IEC 13250-1, 13250-5 (Topic Maps)

Another Word For It (blog): http://tm.durusau.net
Homepage: http://www.durusau.net
Twitter: patrickDurusau 

Issue key,Issue id,Affects Version/s,Issue Type,Status,Custom field (Proposal)
TAB-1636,47562,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Before seeking public reviews in the future, do make serious attempts at all sections before posting for public review.

 

 

 

 

 

 

 

 

 "
TAB-1635,47561,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Complete Section 4. 

 

 

 

 

 

 

 

 

 "
TAB-1626,47552,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,Create a namespace for actuator and resolves internal conflicts on what you do or don't say about it. 
TAB-1617,47543,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,Create a normative vs. non-normative text statement and then mark text accordingly. 
TAB-1621,47547,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"I would drop the notion of ""derivation"" as a noise word/concept and simply state the authorities for each data type. For your own identifier, simply state the rule, it isn't ""derived from string"" unless you are writing a grant proposal. ;)"
TAB-1634,47560,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Insert cross-refs and/or hyperlinks as appropriate on 3.4 and elsewhere.

 

 

 

 

 

 

 

 

 "
TAB-1618,47544,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Label 1.6, 1.7, 1.8 as non-normative. "
TAB-1619,47545,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,Label 2. OpenC2 Language Description as non-normative with minor revisions.
TAB-1637,47563,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,Label appendices as normative or non-normative
TAB-1629,47555,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Label the example as non-normative if not all examples are declared non-normative.

 "
TAB-1624,47550,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,Make the indicated text into a note. 
TAB-1628,47554,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Make this entire paragraph a note and label as non-normative.

 "
TAB-1630,47556,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Make this paragraph a note and label as non-normative.

 "
TAB-1625,47551,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Move up and restructure around these two items, assuming that is the scope of this draft."
TAB-1632,47558,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"My suggestion is to drop data import altogether since you can't specify it for all cases. How data gets imported is up to users of your specification and then it must meet your requirements. How it got there is anyone's guess. 

 

 

 

 

 

 

 

 

 "
TAB-1622,47548,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Offset all ""for example and other examples from normative text. Just search for example and offset the following text as an example and mark as non-normative."
TAB-1631,47557,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Serious consideration of what ""conformance"" means when requiring the use of labels for the interchange of messages needs to be had. This isn't workable. 

 "
TAB-1620,47546,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Terms like ""valid,"" ""information model,"" ""constructed,"" etc., are vastly overrated. Avoid them unless necessary. 

Try:

""The data types used in OpenC2 messages are:""

 as a model. "
TAB-1623,47549,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"To the editors, no doubt the text is clear and well-organized, to the casual reader, it is not. There should be hyperlinks to further details, when relevant and there should be some type of organization apparent to the reader. "
TAB-1633,47559,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Truth is all schemas are subject to extension and you should write this and your conformance language to specify *conforming* extensions. 

 

 

 

 

 

 

 

 

 "
TAB-1616,47542,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,Use  http://docs.oasis-open.org/templates/ietf-rfc-list/ietf-rfc-list.html to compare and correct the normative citations. 
TAB-1627,47553,Open Command and Control (OpenC2) Language Specification Version 1.0,Bug,New,"Wouldn't it be clearer to say: These are labels for JSON values for the transmission of cybersecurity messages? The values of the labels are not defined but should fall within the semantic field of the label. 

Ex. Seeking donaldhacker@2600PennDC should be labeled as a query (Action), email_addr (Target), Actuator (sys specific)

There's no shame in being a uniform labeling. That is in and of itself a worthwhile task."
Issue key,Issue id,Affects Version/s,Issue Type,Status,Custom field (Proposal)
TAB-1640,47568,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Correct the RFC citations.
TAB-1645,47573,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Move the table to an appendix and mark it non-normative.
TAB-1644,47572,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Remove the definition list.
TAB-1641,47569,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Reword as shown.
TAB-1642,47570,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Reword as shown.
TAB-1643,47571,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Reword as shown.
TAB-1638,47566,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,Set and then use language for distinguishing normative from non-normative content. 
TAB-1646,47574,Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0,Bug,New,"Suggest write:  ""MUST be conformant with Version 1.0 of the Language Specification"""
Issue key,Issue id,Affects Version/s,Issue Type,Status,Custom field (Proposal),Created
TAB-1639,47567,Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0,Bug,New,Set and then use language for distinguishing normative from non-normative content. ,10/Dec/18 5:14 PM

Attachment: signature.asc
Description: OpenPGP digital signature



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]