What is Symantec's position? What are the user's opinions?

[<duncan@sfractal.com>]

I think these discussions should be on the mailing list for transparency. I am not against changes to make us work better. I confess I've made mistakes. I've been in standards for 37 years yet I'm still willing to learn different ways to move forward. But I don't think 'starting over' does anything but delay.

It's worrisome to me that Symantec would let you stop working on OpenC2. That, combined with the fact Symantec has not submitted any actuator profiles for the very many Symantec products that would be impacted by OpenC2, tells me Symantec is not wholly behind moving this specification forward.

It's the users who are the purchasers of actuators who benefit most from OpenC2. It's the actuator vendors who are impacted the most, especially the established actuator vendors that will have to make changes to their products. OpenC2 will cost them money (to make the changes) and lose them their vendor lock-in from their proprietary C2 interfaces. So it's not surprising they aren't trying their hardest to get this spec out.

If the users let a vendor take their ball and home, then shame on us. Using Souni's _expression_, I recommend the users use their "power of the purse", and hold vendors accountable to OpenC2 interfaces whether they participate or not. And I recommend they recognize the difference between tactics for getting the spec out and tactics for slowing it down.

Duncan Sparrell

sFractal Consulting LLC

iPhone, iTypo, iApologize

-------- Original Message --------
Subject: Re: [EXT] Re: presentation for TC meeting next week
From: Bret Jordan <Bret_Jordan@symantec.com>
Date: Fri, November 17, 2017 5:34 pm
To: Trey Darley <trey@newcontext.com>
Cc: Allan Thomson <athomson@lookingglasscyber.com>, "Kemp, David P"
<dpkemp@radium.ncsc.mil>, "Brule, Joseph M" <jmbrule@radium.ncsc.mil>,
"Fai, Joyce" <Joyce.Fai@gd-ms.com>, dave.lemire
<dave.lemire@g2-inc.com>, "Jyoti Verma (jyoverma)" <jyoverma@cisco.com>,
"duncan@sfractal.com" <duncan@sfractal.com>, "Yu, Sounil"
<sounil.yu@bankofamerica.com>

Speaking for myself, I completely agree with what Trey and Alan have said.  TBH, I am nearing the edge of just walking away from openc2.  We have fundamental problems and issues in this TC, and we need to resolve them.

At this point I would also support a complete reboot and rechartering of the TC, or a separate working group in ETSI or IETF.

Bret 

Sent from my Commodore 128D

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050