1. CTI STIX SC Status Report www.oasis-open.org December 10, 2015

2. The State of the Subcommittee is Good but could be Better n 69 members / 6 observers n 2 active workproducts l XML binding specification for STIX v1.2.1 l STIX v2.0 language specifications n Working through issues for STIX v2.0 l Very active with LOTS of great discussions on issues l Progress slowed by lack of focus on too many issues l All issues triaged and consensus roadmap published l Agreed to refocus on 1-2 issues at a time l Consensus reached on 1 issue and very near on another l Hopeful for more rapid progress going forward n JSON/JSON Schema chosen as MTI serialization n Ongoing debate whether STIX should be a language or only a messaging standard

3. Timestamps https://github.com/STIXProject/specifications/issues/85 Status: Consensus Achieved (!!!) Summary of Proposal: A restriction on RFC 3339: n Timezone offsets are required n Format requires 6 digits of fractional seconds, however… n There will be an accompanying precision field to specify less precise timestamps (year, month, day, hour, second, etc.) Remaining Decisions: n None

4. Data Markings https://github.com/johnwunder/data-markings Status: Nearing Consensus Summary of Proposal: Level 1 data markings will be introduced, they allow you to mark items at the object and package level. Level 2 markings operate similar to STIX 1.2 markings and allow you to mark at individual fields. Remaining Decisions: n Should we have data markings at the package level? n Should Level 1 markings be mandatory to implement (MTI)?

5. MTI Ballot n A non-binding ballot was put to the SC with the question: l “Do you approve the adoption of a JSON/JSON Schema-based MTI representation for TAXII 2.0, STIX 2.0 and CybOX 3.0 refactoring efforts?” n Ballot closed Dec 7 with the motion passing n This will be the MTI serialization going forward unless modified by the TC

6. Issue Proposals Suggested n In the interests of making more rapid progress the SC co-chairs would suggest that, where possible, parties bring actual proposals to the table on issues rather than us starting from scratch on each issue. n Soltra plans to bring proposals covering a range of issues to the face to face n Sean is working on a set of proposals for most of the Top-10 issues that will be submitted soon

7. An Optional STIX 2.0 Straw-man A small group of collaborators in order to make a lot of progress in a small amount of time l Based on identified STIX problems and roadmap issues l Focused on JSON MTI serialisation l STIX rethought. Groundwork for what can built upon – The first 80% vs the last 20% l Reach out to Terry MacDonald if you have questions l Expanded group participation during the Face to Face meeting Others are doing the same. You can do this too! We welcome others who wish to work on Straw-mans as well.

8. Ongoing Call to Action n Amount of discussion is great but can be overwhelming n Try to focus on 1-2 issues at a time n Strive for common ground and considering all perspectives n Encourage EVERYONE to always speak up with their opinions l More diversity in our discussions will help us all n Encourage all to contribute work in addition to opinions l We need to share the load