Submitted on Friday, June 11, 2021 - 15:25
Submitted by user: censign
Submitted values are:
Your name: Chet Ensign
TC name: OASIS Cyber Threat Intelligence (CTI) TC
TC email address: cti@lists.oasis-open.org
Title: STIX Version 2.1
Approval link: https://www.oasis-open.org/apps/org/workgroup/voting/ballot.php?id=3624
Notes: Approval date is 10 June 2021. TAXII also approved on same ballot.
synced canonical TC directory to ztest to create staging directory
created stage directory
copied files into stage directory
updated existing symlinks
installed README warning file
set timestamps for directory and symlinks, also for version directory.
checked installation
requested OASIS staff staging review:
Please review the staging server installation of the files for STIX v2.1 OS.
This will be released along with the TAXII OS.
The only changes from the CS03 stage are the usual front matter items.
Paul Knight
added a comment - Public link for ballot is:
https://www.oasis-open.org/committees/ballot.php?id=3624
Updated files from CS03 to OS - no issues noted.
prepared files with timestamps, ZIP, and manifest in personal directory
verified sync between canonical directory and OASIS Library
created backup of /cti : 528383430 Jun 22 2021 cti-2021-06-22-15-07-165358776.zip
[backup directory: /mnt/archive/docsdot-backups/olbackups/ ]
synced canonical TC directory to ztest to create staging directory
created stage directory
copied files into stage directory
updated existing symlinks
installed README warning file
set timestamps for directory and symlinks, also for version directory.
checked installation
requested OASIS staff staging review:
Please review the staging server installation of the files for STIX v2.1 OS.
This will be released along with the TAXII OS.
The only changes from the CS03 stage are the usual front matter items.
The files are:
STIX Version 2.1
OASIS Standard
10 June 2021
https://docs-staging.oasis-open.org/ztest/cti/stix/v2.1/os/stix-v2.1-os.docx
https://docs-staging.oasis-open.org/ztest/cti/stix/v2.1/os/stix-v2.1-os.html
https://docs-staging.oasis-open.org/ztest/cti/stix/v2.1/os/stix-v2.1-os.pdf
Please add comments to https://issues.oasis-open.org/browse/TCADMIN-4006 .
For STIX (TCADMIN-4006), issues noted in References:
three links for unicode.org documents are currently unresponsive (two Normative)
Informative reference [Casey2007] is badly formatted, with a hidden (one space character) hyperlink to "https://communities.intel.com/servlet/JiveServlet/downloadBody/1151-102-1-1111/Threat%20Agent%20Library_07-2202w.pdf" in addition to the visible and correct link to researchgate.net.
I will correct/remove this hidden link and reload.
Paul Knight
added a comment - - edited
Synced files from /ztest to canonical directory (/htdocs)
Synced to OASIS Library (docs.oasis-open.org)
checked links, etc.
TAXII ( TCADMIN-4007 ) looks fine
For STIX ( TCADMIN-4006 ), issues noted in References:
three links for unicode.org documents are currently unresponsive (two Normative)
Informative reference [Casey2007] is badly formatted, with a hidden (one space character) hyperlink to "https://communities.intel.com/servlet/JiveServlet/downloadBody/1151-102-1-1111/Threat%20Agent%20Library_07-2202w.pdf" in addition to the visible and correct link to researchgate.net.
I will correct/remove this hidden link and reload.
STIX files fixed and replaced in canonical (htdocs) directory
synced to OASIS Library
link check looks better
unicode.org back online
a few other instance of doubled or "hidden" links still remain, but appear unnoticeable
example is Informative reference [WEP], with a hidden link for "http://ieeexplore.ieee.org/document/4610935/" placed in the space character between the colon and the visible URI "https://www.cia.gov/resources/csi/studies-in-intelligence/archives/vol-8-no-4/words-of-estimative-probability/"
other hidden links in the space character between the colon and "https" are present in the references [JSON Schema], [CVE], [CAPEC], [X.509], [TLP], [RFC7539], [RFC6234], [RFC5322], [RFC4122], [RFC3986], [RFC3339], [RFC3174], [RFC2047], [RFC1321], [NVD], [NIST SP800-38D], [Media Types], [IPFIX], [IEEE 754-2008], and [FIPS202] (in each of these instances, the "hidden" hyperlink matches the visible hyperlink).
It's likely that these hidden or duplicative hyperlinks are artifacts of some editorial gesture (set of keystrokes, etc.) or possibly Google Docs/MS Word interaction.
I will leave this document as it is now, since none of the hidden links is broken or malicious.
Paul Knight
added a comment - STIX files fixed and replaced in canonical (htdocs) directory
synced to OASIS Library
link check looks better
unicode.org back online
a few other instance of doubled or "hidden" links still remain, but appear unnoticeable
example is Informative reference [WEP] , with a hidden link for "http://ieeexplore.ieee.org/document/4610935/" placed in the space character between the colon and the visible URI "https://www.cia.gov/resources/csi/studies-in-intelligence/archives/vol-8-no-4/words-of-estimative-probability/"
other hidden links in the space character between the colon and "https" are present in the references [JSON Schema] , [CVE] , [CAPEC] , [X.509] , [TLP] , [RFC7539] , [RFC6234] , [RFC5322] , [RFC4122] , [RFC3986] , [RFC3339] , [RFC3174] , [RFC2047] , [RFC1321] , [NVD] , [NIST SP800-38D] , [Media Types] , [IPFIX] , [IEEE 754-2008] , and [FIPS202] (in each of these instances, the "hidden" hyperlink matches the visible hyperlink).
It's likely that these hidden or duplicative hyperlinks are artifacts of some editorial gesture (set of keystrokes, etc.) or possibly Google Docs/MS Word interaction.
I will leave this document as it is now, since none of the hidden links is broken or malicious.
Please review the OASIS Library installation of the files for STIX v2.1 OS and TAXII v2.1 OS.
I fixed and replaced the STIX files to address a broken "hidden" hyperlink (i.e., associated with the space character just before "https[...]"). During installation, I detected about 20 other "hidden" hyperlinks in references. These are not broken, and all but one are simply duplicates of the visible hyperlinks. I did not go back and try to fix these, as they are essentially not noticeable.
Otherwise, these both look good to me. The files are:
Paul Knight
added a comment - Requested sanity checks for STIX and TAXII:
Please review the OASIS Library installation of the files for STIX v2.1 OS and TAXII v2.1 OS.
I fixed and replaced the STIX files to address a broken "hidden" hyperlink (i.e., associated with the space character just before "https [...] "). During installation, I detected about 20 other "hidden" hyperlinks in references. These are not broken, and all but one are simply duplicates of the visible hyperlinks. I did not go back and try to fix these, as they are essentially not noticeable.
Otherwise, these both look good to me. The files are:
STIX Version 2.1
OASIS Standard
10 June 2021
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.docx
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.pdf
[Please add comments to https://issues.oasis-open.org/browse/TCADMIN-4006.]
**********
TAXII Version 2.1
OASIS Standard
10 June 2021
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.docx
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.html
https://docs.oasis-open.org/cti/taxii/v2.1/os/taxii-v2.1-os.pdf
[Please add comments to https://issues.oasis-open.org/browse/TCADMIN-4007.]
Submitter: Paul Knight
Technical Contact: Mr. Bret Jordan
Group: OASIS Cyber Threat Intelligence (CTI) TC
Folder: Approved Work Products
Date submitted: 2021-06-10 06:42:32
*********
Paul Knight
added a comment -
Removed README warning file and reset directory timestamp in canonical directory on staging server.
synced to OASIS Library (docs.oasis-open.org)
Installed link document in TC's Kavi repository, in "Approved Work Products":
**********
Document Name: STIX v2.1 OS
Description
This document is a link to https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html
OS:
STIX Version 2.1
OASIS Standard
10 June 2021
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.docx
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.pdf
Submitter: Paul Knight
Technical Contact: Mr. Bret Jordan
Group: OASIS Cyber Threat Intelligence (CTI) TC
Folder: Approved Work Products
Date submitted: 2021-06-10 06:42:32
*********
Ready for announcements.
Chet Ensign
added a comment - The OS is announced. See https://www.oasis-open.org/2021/06/23/stix-v2-1-and-taxii-v2-1-oasis-standards-are-published/ . TWeeted and posted to LI. Email announcements sent out. The standards page is updated and the TC's webpage is updated.
No other tasks left so I will close this ticket.
Public link for ballot is:
Updated files from CS03 to OS - no issues noted.
Please review the staging server installation of the files for STIX v2.1 OS.
This will be released along with the TAXII OS.
The only changes from the CS03 stage are the usual front matter items.
The files are:
STIX Version 2.1
OASIS Standard
10 June 2021
https://docs-staging.oasis-open.org/ztest/cti/stix/v2.1/os/stix-v2.1-os.docx
https://docs-staging.oasis-open.org/ztest/cti/stix/v2.1/os/stix-v2.1-os.html
https://docs-staging.oasis-open.org/ztest/cti/stix/v2.1/os/stix-v2.1-os.pdf
Please add comments to https://issues.oasis-open.org/browse/TCADMIN-4006.