Based on the PR02 feedback and as mentioned in Toby's summary of the F2FÂmeeting, we will need a third public review of the OpenC2 specification suite.
I have two changes left to make to the HTTPS spec:
1) Editorial:Â update the 1.5.2. example to be a real thing. Jason was going to pick something from Brian Berliner's GH repo and I'll just copy that, since this is in common front matter
2) Material: Adjust the language regarding the TO message element to state the assumption that the Producer will supply a single address to an HTTPS transfer implementation. Right now the only mention of that element is in the conformance section; I should give a little thought whether some explanation is needed in section 3 somewhere, but right now I can't think of a good place for it. This relates to comment HTTPS-209 / GH issue 83 [
https://github.com/oasis-tcs/openc2-impl-https/issues/83]
Once I've made those two changes I'll create a PR to update the working branch of the OASIS repo for the specification.
If you haven't looked at the comments / the CRM / the commits linked above for the changes driven by PR2 comments and F2F discussions, I'd appreciate it you'd do so, even if just to give a thumb's up. We're trying to move quickly to deal with PR2 comments and trigger a new CSD/PRD ballot for the necessary PR3 this week, so timely feedback is crucial, especially if you see problems with the proposed changes.
Dave
David P. Lemire, CISSPHII Mission Driven Innovative Solutions (HII-MDIS, formerly G2, Inc.)
Technical Solutions (A Division of Huntington Ingalls Industries)
 OpenC2 Technical Committee Secretary
 OpenC2 Implementation Considerations SC Co-chair
 Contractor support to NSA
Email: dave.lemire@g2-inc.com
WorkÂ(301) 575-5190 |ÂMobile (240) 938-9350