OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

openc2-lang message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Notes from 10/1 L-SC Meeting

Here are my notes from today's meeting:

  • Meeting link

  • No Toby, moved to Architecture Spec w/Duncan leading

    • Draft is currently in Duncan's repo, partly because of CS vs CN uncertainty

    • Working from Language spec, not ready to discuss common matter.

    • Two conformance clauses

    • Different flavors of conformance esp. WRT APs

      • "Exclusive" and "extended" are "horrible words" -- Duncan

      • People should feel free to suggest terminology

    • Putting the two types on the table for discussion

    • DaveL: Listing the APs and Transfer Specs means "frequent" updates

      • Duncan: have already demonstrated ability to review & approve docs in parallel; doesn't think it's a big deal, esp. w/current small number of specs

      • Normative requirement could point to a registry, esp. for custom APs

    • Registry in the approved CSes? No.ÂÂ

      • Duncan: have a chicken / egg problem. Should probably write assuming the creation of an AP registry

      • DaveK: AP-SC getting new activity, might have things to registerÂ

      • Duncan: was thinking registry would be for custom APs, esp. in progress

      • DaveK: philosophy is that everything starts as custom and migrates toward standard

  • DaveK:Â

    • Joe has started planning for the plug fest; some of the design activity will be oriented toward that. New Slack channel and use cases repo

  • DaveL: info about errata for the LS?

    • DaveK: a couple of LS pull requests on GH; discussed a couple of meetings

    • One clearly errata, one as not

  • Duncan: participating in Dept. of Commerce committee on SBOM (SW Bill Of Materials)

    • Proposing for plugfest a use case that asks what SW you've got.

    • Three different standard formats plus Single-hop vs full-depth

    • Duncan doesn't care about format for a plug fest use case

    • SBOM hot in several places

    • DaveL: SW inventory in C2C use case Joe circulated, DaveK has already put it in the use case repo

    • https://github.com/oasis-tcs/openc2-usecases/tree/master/Cybercom-Plugfest


Dave
--
David P. Lemire, CISSP
HII Mission Driven Innovative Solutions (HII-MDIS, formerly G2, Inc.)
Technical Solutions (A Division of Huntington Ingalls Industries)
 OpenC2 Technical Committee Secretary
 OpenC2 Implementation Considerations SC Co-chair
 Contractor support to NSA
Email: dave.lemire@g2-inc.com / david.lemire@hii-tsd.com
WorkÂ(301) 575-5190 |ÂMobile (240) 938-9350

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]