OpenC2: Heads up on pending ballot and 'split time'

["Brule, Joseph M" <jmbrule@radium.ncsc.mil>]

All, 

There are two items in this email: 

ITEM ONE:  The 21:00 instance of the TC meeting will be changed in kavi to 'does not count toward voter eligibility', however in practice it will in accordance with the procedures I cleared with Chet Ensign and outlined in the email timestamped 16 Aug 2017 12:53:16 PDT.   If you attend the 21:00 meeting on the third Wednesday of the month, you will maintain your voting status.  

ITEM TWO: Pending ballot for eight github repositories.  

Recall that we had an OpenC2 TC meeting on August 16 at 11:00 and 21:00.  One of the business items was to approve eight repositories for our OpenC2 codebase.  We had 51 people attend and there were no objections, but failed to reach a quorum (not enough voting members).  

I am going to set up a ballot for all eight github repositories.  The motivation for the single ballot is to avoid loading your inboxes with eight nearly identical resolutions.   Request approval of the repositories so that the codebase is available to our prototype implementers.  

The actual resolutions are at the following locations: 
1) Googledocs:  https://drive.google.com/drive/folders/0B-FunCZrr-vtRFlkemZETVl5dzA 
2) Pasted at the end of this email
3) Pasted within the ballot itself. 

Mr. Adam Bradbury is the author of OrchID, ReactorMaster and ReactorRelay. 
Mr. Joshua Brule is the author of Yuuki. 

Mr. Bradbury and Mr. Brule are not OASIS members, but will be technical leads for their respective projects.  I checked this out with Chet Ensign and Robin Cover and is not inconsistent with OASIS rules.  

There is a procedure such that we can make them the maintainers of the code, however that is a separate matter and we need to get the repositories up and running first. 

Thank you 

Very respectfully, 

Joe Brule 


===== tear line ======

Preamble:
Whereas the OpenC2 Technical Committee 
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of prototype implementations, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,

Then be it resolved:
An OASIS GitHub repository known as the openc2-yuuki shall be formed.

With a purpose of:
●	Demonstrating the implementation of OpenC2 via multiple dispatch on type, and 
●	Provision a codebase to enable other prototype efforts. 

With the description of:
Openc2-yuuki; Yuuki is a python package for building an OpenC2 proxy.  Yuuki utilizes multiple dispatch on type and supports updating of actuators without interrupting the operations of the orchestrator or other actuators.  Yuuki is compatible with python version 2.7

With the initial execution of:
Openc2-yuuki shall be an open source effort in accordance with the BSD-3 open source license.  The initial codebase will be imported from the OpenC2 Forum’s Github repository.  The initial maintainer of the openc2-yuuki shall be Mr. Dave Kemp (National Security Agency) with Mr. Joshua Brule acting as the technical lead (University of Maryland).  


===== tear line ====

Preamble:
Whereas the OpenC2 Technical Committee 
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of prototype implementations, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,

Then be it resolved:
An OASIS GitHub repository known as the Orchestrator for Intelligent Defense (openc2-orchid) shall be formed.

With a purpose of:
●	creating a simple, modular application programming interface to accept OpenC2 commands and convert them to python actions, and 
●	Provision a codebase to enable other prototype efforts. 

With the description of:
Openc2-orchid; Orchid is an OpenC2 proxy built in Django 1.10.2. Orchid aims to provide a simple, modular API to begin accepting OpenC2 commands and converting them into Python actions.

With the initial execution of:
Openc2-orchid shall be an open source effort in accordance with the Apache 2.0 open source license.  The initial codebase will be imported from the OpenC2 Forum’s Github repository.  The initial maintainer of the openc2-orchid shall be be Mr. Dave Kemp (National Security Agency) with Mr. Adam Bradbury acting as the technical lead (Zepko Corporation).  

===== tear line ====

Preamble:
Whereas the OpenC2 Technical Committee 
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of prototype implementations, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,

Then be it resolved:
An OASIS GitHub repository known as openc2-reactor-master shall be formed.

With a purpose of:
●	demonstrating how OpenC2 can be deployed as a means to manage and administrate geographically disparate network , and 
●	Provision a codebase to enable other prototype efforts. 

With the description of:
Openc2-Reactor-master; Reactor-master provides a way to administrate multiple reactor-relay deployments. It provides an OpenC2 API to send commands to downstream relays, as well as a way for analyst to manually send commands to capable actuators deployed on client's sites that wouldn't be accessible directly from the internet.

With the initial execution of:
Openc2- Reactor-master shall be an open source effort in accordance with the Apache 2.0 open source license.  The initial codebase will be imported from the OpenC2 Forum’s Github repository.  The initial maintainer of the openc2-orchid shall be Mr. Dave Kemp (National Security Agency) with Adam Bradbury (Zepko Corporation) acting as the technical director.  

===== tear line ====

 

Preamble:
Whereas the OpenC2 Technical Committee 
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of prototype implementations, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,

Then be it resolved:
An OASIS GitHub repository known as openc2-reactor-relay shall be formed.

With a purpose of:
●	demonstrating how OpenC2 can be deployed as a means to manage and administrate geographically disparate network , and 
●	Provision a codebase to enable other prototype efforts. 

With the description of:
Openc2-reactor-relay; Reactor-relay provides a simple, modular API to accepting OpenC2 commands and converting them into Python actions.  Reactor-relay can be administered by non-technical staff. It allows the end user to link profile code, to OpenC2 commands and actuators, and handles credential storage.

The relay is called by an upstream Orchestrator (See reactor-master), the idea is, that an enterprise has multiple sites and clients, with different capabilities and network layouts, buy allowing engineers to create a topology of "Relays" commands can be routed to multiple sites from a central server, without the need for that central server to connect into each actuator directly. (i.e. remote access as root to a webserver from the internet).

Relays provide a way for us to define specific use cases and actuators per client, and provide a secure ip-locked TLS channel to execute those actions.

With the initial execution of:
Openc2-reactor-relay shall be an open source effort in accordance with the Apache 2.0 open source license.  The initial codebase will be imported from the OpenC2 Forum’s Github repository.  The initial maintainer of the openc2-orchid shall be Mr. Dave Kemp (National Security Agency) with Mr. Adam Bradbury as the technical lead (Zepko Corporation).  
 

===== tear line ====

 

Preamble:
Whereas the OpenC2 Technical Committee was chartered to address matters as they pertain to command and control of cyber defense technologies, and 
●	the charter directed the committee to maintain a library of prototype implementations, and 
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,

Then be it resolved:
An OASIS GitHub repository known as openc2-ocas shall be formed
With a purpose of:
●	demonstrating how OpenC2 can be developed as an Erlang/OTP application (http://www.erlang.org), and
●	maintaining a library of prototype implementations, and 
●	establish a codebase to enable other prototype efforts. 

With the description of:
Openc2-ocas; OpenC2 API Simulator (ocas) is an erlang/OTP application written in Erlang to demonstrate and exercise the OpenC2 specification. Ocas is a viable simulator for testing OpenC2 code, scenarios and use cases and may be used as a template for developing actual OpenC2 applications (i.e. augment the simulator code to actually perform the security functionality commanded).
Erlang is  especially suited for concurrent and parallel computing needed for security applications in cloud deployments. Erlang has been used by industry for applications that provide nine 9's or greater of reliability. Erlang scales particularly well for complex network simulations because concurrency and message passing are a fundamental of the language.

With the initial execution of:
Openc2-ocas shall be an open source effort in accordance with the Apache 2.0 open source license. The initial codebase will be imported from the OpenC2 Forum's Github repository. The initial maintainer of the openc2-ocas shall be Mr. Duncan Sparrell (s-Fractal Consulting LLC).
===== tear line ====

 

Preamble:
Whereas the OpenC2 Technical Committee 
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of sample commands, schema, prototype validation code, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,
Then be it resolved:
An OASIS GitHub repository known as openc2-jadn shall be formed.
With a purpose of:
●	providing an abstract schema that is independent of serialization, and
●	Provision a codebase for unit testing, validation of commands and conversion of the abstract notation to various serializations.
With the description of:
JSON Abstract Data Notation (JADN) is a JSON document format for defining abstract schemas. Unlike concrete schema languages such as XSD and JSON Schema, JADN defines the structure of datatypes independently of the serialization used to communicate and store data objects. An encoder/decoder (codec) validates the structure of data objects against the JADN schema and serializes/deserializes objects using a specified message format.
With the initial execution of:
Openc2-jadn shall be an open source effort in accordance with the Apache 2.0 open source license.  The initial codebase will be imported from the OpenC2 Forum’s Github repository.  The initial maintainer of the openc2-jadn shall be Mr. David Kemp (National Security Agency).   
===== tear line ====

Preamble:
Whereas the OpenC2 Technical Committee 
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of prototype implementations, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,

Then be it resolved:
An OASIS GitHub repository known as the openc2-g2bsd shall be formed.

With a purpose of:
●	Demonstrating the implementation of OpenC2 in a pub-sub environment, and 
●	Provision a codebase to enable other prototype efforts. 

With the description of:
Openc2-g2bsd; G2bsd demonstrates OpenC2 working within a pub/sub environment.
This implementation is written in C and developed on HardenedBSD. Though the C code is operating system agnostic, the Makefiles are BSD style Makefiles and will need modification to enable building on Linux.

With the initial execution of:
Openc2-g2bsd shall be an open source effort in accordance with the BSD 3 open source license.  The initial codebase will be imported from the OpenC2 Forum’s Github repository.  The initial maintainer of the openc2-g2bsd shall be Mr. Danny Martinez (G2 Corporation).  


=== tear line ====

Preamble:
Whereas the OpenC2 Technical Committee
●	was chartered to address matters as they pertain to command and control of cyber defense technologies, and
●	the charter directed the committee to maintain a library of prototype implementations, and
●	the charter specifies that the effort shall be developed in a manner that is language and message fabric agnostic,
 
Then be it resolved:
An OASIS GitHub repository known as the openc2-nsa-rd shall be formed.
 
With a purpose of:
●	Demonstrating a java implementation of OpenC2, and
●	Provision java libraries to enable other prototype efforts.
 
With the description of:
Openc2-nsa-rd; NSA-RD is a java implementation Implements 15 OpenC2 actions issued to nine actuators.
 
With the initial execution of:
Openc2-nsa-rd shall be an open source effort in accordance with the Apache 2.0 open source license.  The initial codebase will be imported from the National Security Agency’s Github repository.  The initial maintainer of the openc2-nsa-rd shall be Dave Kemp (National Security Agency).