[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [openc2] Questions on Oasis Process
OpenC2 leadership –
I think we need to reset the tone of this group.
Bret was not the only person concerned about recent events. But whether he was or not, I don’t believe it is appropriate to single anyone out. I will speak for myself in that, I was asking for time to review and *contribute* further to the documents being asked for a vote on.
This is a standards body for technology and frankly, we have lost sight (or appears that way) on what we are trying to do.
We want to build a standard that represents a step forward in automated cybersecurity command and control.
It is important that we focus on the technical content of the standard and if people are raising issues about timing or lack of time to provide feedback then the group should be concerned about that.
Not because we are not following process or not. It’s more important the standard matches what we need than whether we followed the exact process.
So these questions on process, points of order….etc are really not helping us.
Quite the opposite. I would say we are not asking questions on the list about a command, what it means, how it should be implemented in a firewall, what’s the difference between mitigate and deny…..etc. Those are important questions.
Questions on process is an indication that we need to get back to the technology.
My request for time to review the 13-page language spec was exactly that. A request to provide further input and help provide further comments if needed. It wasn’t a stall tactic or a process game. But that appears to be the reaction and the response to my request.
Can we *please* get back to focusing on the technology and building a great standard for *everyone* that is involved.
Chet, Robin, Carol,
I'm not sure who to ask so I'll ask all three of you and hope one of you can help me.
I thought I was operating within OASIS process when as SC Chair, we reviewed a document at 3 consecutive subcommittee meetings and submitted it to the TC for CSD vote. I have been accused us of 'ramrodding' this thru. I thought I was submitting the small subset we'd reached agreement on (draft is 150 pages, CSD proposal is the 13 pages that I thought we had agreement on). In the email below, Bret accuses the subcommittee meetings of being a 'working call' and 'does not constitute TC wide consensus'.More people were present for SC than he claims but yes it is true less people choose to participate in SC than the full TC. I thought the way to reach TC wide consensus was to bring the draft to the TC and have the TC vote on the CSD.
Bret and I clearly have different timing objectives. I would like to move as quickly as possible. Bret says "this group is trying to push concepts through far to quickly". I recognize I'm trying to use agile development processes in what has historically been a waterfall standards process. I personally believe the agile tenants apply in this particular case but I recognize I may be wrong.
Bret proposes we add some more standing rules. I would prefer to work withing the 'normal' OASIS rules and I personally think the OpenC2 standing rules are already more restrictive than needed and would prefer we not add any more. Because there is some overlap with CTI TC which has a particular way to do things, the CTI get touted as the right way to do things. CTI is one of the very many TC's in OASIS. I would like to understand how the other TC's in OASIS do things to make a more informed decision.
Could you help provide some perspective on how other TC's operate? How many other TC's have 'Standing rules' that modify the standard OASIS processes? How many TC's require CSD to be eballoted vs how many allow voting to place at the TC meeting? How many TC's require CSD's to be CS-ready vs how many go thru multiple drafts? What is the distribution of number of CSD revisions prior to becoming a CS? How many TC's have 'comment periods' prior to voting? What is the distribution on what comment/review period is required? Is there any other data or advice you could provide us to help the TC as a whole as we grapple with the proposed standing rule changes?
sFractal Consulting LLC
iPhone, iTypo, iApologize
--------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php