ChetÂEnsignChief Technical Community Steward OASIS Open | Â | Â | Â |
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [board-plus] Certification as a business?
Vas:  Chet confirmed that he added you to the list in question, although I admit, I'm not sure if that committee is the right committee. The overlap in the new various committees the board recently created still is bit of a mystery to me.
- ÂOne of them is a standing committee for which Carol serves as our staff rep and is primarily business-development oriented.
- ÂA second ad hoc panel, convened by Altaz, is talking about "operating models" which I gather is different, and will meet on its own separate schedule. I do not think it has its own Kavi group/list. Â
Regards  JamieSent from my mobileOn Oct 3, 2023, at 10:43, Vasileios Mavroeidis <vasileim@ifi.uio.no> wrote:ïThe email bounced because I'm not in the roster of that committee. Can I be added as a non voting member?
-Vas
On Oct 3, 2023 19:36, Vasileios Mavroeidis <vasileim@ifi.uio.no> wrote:
Btw: open call for feedback for:Âthe European cybersecurity certification scheme (EUCC) based on common criteria.ÂÂ
-Vas
On Oct 3, 2023 18:39, Jamie Clark <jamie.clark@oasis-open.org> wrote:
Forwarding to that committee.When conformance testing comes up as a topic, you may want to consider noting what we have learned from some of the following:
- Experience of Kantara
- Experience of Drake Certivo and Drummond Group
- ETSI Plugtests
- CTI TC attempts to create STIX certification
- EU SCCG
- Prior OASIS Interop events (mostly thinking about XACML and WSS here)
- OASIS experience with KMIP
- OASIS experience with IDESG (NSTIC identity) self-cert
- Self-certification versus third party
- Conformity vs interoperability
- Current ITU and ISO conformity regimes and rules
- Spec content in support of conformity assessment
Regards Jamie
James Bryce Clark, General Counsel, OASIS Open, setting the standard for open collaborationÂ
On Mon, Oct 2, 2023 at 9:13âAM Vasileios Mavroeidis <vasileim@ifi.uio.no> wrote:
Interesting idea.
General comments/food for thought, and I won't spam further this email list!!
Obviously, there are too many cost and operational factors to take into consideration before launching such a program. Most importantly, we would need to start by quantifying how adopted our standards are (implementations/products) to understand our position.
I assume that would require a substantial investment. We discussed - success factors - in our open projects; do we have a similar analysis for our standards to take a look at?
I had a look at the ITU document "ILAC Assessment Procedure in the field of Telecommunicationsâ which describes their process. I'm curious if we can somehow have info on their budget (for this effort) and forecasting.
The EU develops a certification scheme pertinent to security (and maybe privacy? I haven't been involved with this group at ENISA). Product owners can âshow" that their products satisfy a level of security.
From our side, having a program for validating the conformance clauses in a spec (itâs what we are discussing, right? If not, please correct me) doesnât sound very attractive to me - especially if it is something costly. Have we seen this approach implemented successfully in other SDOs?
Best,
Vasileios
>
> On 2 Oct 2023, at 15:26, Scott McGrath <scott.mcgrath@oasis-open.org> wrote:
>
> The new committees and mail lists are all set. If you didn't get the notice when it was created, you'll see the new groups showing in your list of subscribed lists https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
>
> On Sat, Sep 30, 2023 at 3:46âPM duncan sfractal.com <duncan@sfractal.com> wrote:
> I agree itâs suitable for those committees. I sent to board since those mail lists not set up yet and the meeting to learn more what others are doing (the attached email that prompted my email) is in under 2 weeks (Oct 12th). Note if you are interested, you do need to register, which involves getting an ITU id. No big deal and anyone can do. Just donât wait until last second.
>Â Â--
> Duncan Sparrell
> sFractal Consulting
> iPhone, iTypo, iApologize
> I welcome VSRE emails. Learn more at http://vsre.info/
>Â Â Â From: Francis Beland <francis.beland@oasis-open.org>
> Date: Saturday, September 30, 2023 at 2:24âPM
> To: Jamie Clark <jamie.clark@oasis-open.org>
> Cc: duncan sfractal.com <duncan@sfractal.com>, OASIS Board-plus <board-plus@lists.oasis-open.org>
> Subject: Re: [board-plus] Certification as a business?
> Letâs send this to the newly formed Biz dev and Biz Model committee. Perfect for discussion.
>Â ÂF
>
>
> On Sep 30, 2023, at 7:11 PM, Jamie Clark <jamie.clark@oasis-open.org> wrote:
>   ÂThis is a big and possibly-talky topic. ÂWe do have some data and experience, but can always learn more, including from the mistakes of others. Possible to send this to a Board committee for a higher-quality chat about it?
>Â Â ÂGreat to see almost everyone in Boston.
> thx Jamie
> James Bryce Clark, General Counsel, OASIS Open, setting the standard for open collaboration   On Fri, Sep 29, 2023 at 12:32âPM duncan sfractal.com <duncan@sfractal.com> wrote:
> One of the ideas OASIS has toyed with in the past is âcertificationâ or âtestingâ. If that is on the potential list for the future, people might be interested in the attached from a viewpoint of gathering data on who else is doing what.
>Â IMHO the âtestingâ business would be for the long-haul. Eg if OASIS had decided to do it in the past, the money maker of today would be things like MQTT which have been around for a decade not new things like STIX which hopefully would be the money maker of 10 years from now.
>Â Â--
> Duncan Sparrell
> sFractal Consulting
> iPhone, iTypo, iApologize
> I welcome VSRE emails. Learn more at http://vsre.info/
>Â Â Â From: t22sg17all-request@lists.itu.int <t22sg17all-request@lists.itu.int> on behalf of Yang, Xiaoya <xiaoya.yang@itu.int>
> Date: Friday, September 29, 2023 at 11:29 AM
> To: t22sg17all@lists.itu.int <t22sg17all@lists.itu.int>
> Cc: TSB SG11 Secretariat, ITU <tsbsg11@itu.int>
> Subject: [T17ALL] ITU Tutorial on ITU Testing Laboratories Recognition Procedure (Geneva, Switzerland, 12 October 2023)
> Dear colleagues,
>Â we would like to inform you that ITU is organizing a tutorial on Testing Laboratories Recognition procedure (https://itu.int/go/TT-TLRP). The event will be held in Geneva on 12 October 2023 (1130-1230 CEST, Geneva time), the remote connection will be provided as well.
>Â ÂThis tutorial aims at guiding all stakeholders on Testing Laboratories recognition procedure established by ITU, including its database (https://itu.int/go/tldb), its benefits and all logistical details needed for submitting applications. The information about ITU Product Conformity Database (https://itu.int/go/tcdb) will also be shared with delegates. The presentations will be followed by Q/A session.
>Â Please note that the event is free of charge and open to all who are interested on this subject matter. For participation the registration is required. Please register on eventâs web page (https://itu.int/go/TT-TLRP).
>Â Look forward to seeing you physically or remotely at the forthcoming event.
>Â Thank you in advance.
> Best regards,
> ITU-T SG11 Secretariat
> tsbsg11@itu.int <image002.png><image002.png>
>Â Â
>
> --
> Scott McGrath
> Chief Operating Officer
> OASIS Open Â
> +1 781-929-7308 Mobile
> scott.mcgrath@oasis-open.org
> www.oasis-open.org
ChetÂEnsignChief Technical Community Steward OASIS Open | Â | Â | Â |
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]