Approved Errata for Common Security Advisory Framework v2.0 published

OASIS and the OASIS Common Security Advisory Framework (CSAF) TC [1] are pleased to announce the approval and publication of Common Security Advisory Framework Version 2.0 Errata 01.

This document lists the approved errata for the OASIS Standard “Common Security Advisory Framework Version 2.0.” The specific changes are listed in section 1.1, at https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/csaf-v2.0-errata01-os.html#11-description-of-changes.

The Common Security Advisory Framework (CSAF) Version 2.0 is the definitive reference for the CSAF language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.

The OASIS CSAF Technical Committee is chartered to make a major revision to the widely-adopted Common Vulnerability Reporting Framework (CVRF) specification, originally developed by the Industry Consortium for Advancement of Security on the Internet (ICASI). ICASI has contributed CVRF to the CSAF TC. The revision is being developed under the name Common Security Advisory Framework (CSAF). TC deliverables are designed to standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.

The documents and related files are available here:

Common Security Advisory Framework Version 2.0 Errata 01
OASIS Approved Errata
26 January 2024

Editable source (Authoritative):
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/csaf-v2.0-errata01-os.md

HTML:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/csaf-v2.0-errata01-os.html

PDF:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/csaf-v2.0-errata01-os.pdf

JSON schemas:
Aggregator JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/schemas/aggregator_json_schema.json
CSAF JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/schemas/csaf_json_schema.json
Provider JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/schemas/provider_json_schema.json

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/os/csaf-v2.0-errata01-os.zip

Members of the CSAF TC [1] approved the publication of these Errata by Full Majority Vote [2]. The Errata had been released for public review as required by the TC Process [3]. The Approved Errata are now available online in the OASIS Library as referenced above.

Our congratulations to the CSAF TC on achieving this milestone.

========== Additional references:
[1] OASIS Common Security Advisory Framework (CSAF) TC
https://www.oasis-open.org/committees/csaf/

[2] https://lists.oasis-open.org/archives/csaf/202402/msg00001.html

[3] Public review:
– 15-day public review, 20 December 2023: https://lists.oasis-open.org/archives/members/202312/msg00005.html
– Comment resolution log: https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01-comment-resolution-log.txt

The DocBook Schema Version 5.2 OASIS Standard published

OASIS is pleased to announce the publication of its newest OASIS Standard, approved by the members on 06 February 2024:

The DocBook Schema Version 5.2
OASIS Standard
06 February 2024

Overview:

Almost all computer hardware and software developed around the world needs some documentation. For the most part, this documentation has a similar structure and a large core of common idioms. The community benefits from having a standard, open, interchangeable vocabulary in which to write this documentation. DocBook has been, and will continue to be, designed to satisfy this requirement. For more than 25 years, DocBook has provided a structured markup vocabulary for just this purpose. DocBook Version 5.2 continues the evolution of the DocBook XML schema.

The prose specifications and related files are available here:

The DocBook Schema Version 5.2

Editable source (Authoritative):
https://docs.oasis-open.org/docbook/docbook/v5.2/os/docbook-v5.2-os.docx

HTML:
https://docs.oasis-open.org/docbook/docbook/v5.2/os/docbook-v5.2-os.html

PDF:
https://docs.oasis-open.org/docbook/docbook/v5.2/os/docbook-v5.2-os.pdf

Schemas:
Relax NG schemas: https://docs.oasis-open.org/docbook/docbook/v5.2/os/rng/
Schematron schemas: https://docs.oasis-open.org/docbook/docbook/v5.2/os/sch/
XML catalog: https://docs.oasis-open.org/docbook/docbook/v5.2/os/catalog.xml
NVDL schemas: https://docs.oasis-open.org/docbook/docbook/v5.2/os/

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:

https://docs.oasis-open.org/docbook/docbook/v5.2/os/docbook-v5.2-os.zip

Our congratulations to the members of the OASIS DocBook Technical Committee on achieving this milestone.

Two XACML Committee Specifications approved – “Related and Nested Entities” and “Separation of Duties”

OASIS is pleased to announce the approval and publication of two new Committee Specifications by the members of the eXtensible Access Control Markup Language (XACML) TC [1]:
– XACML v3.0 Related and Nested Entities Profile Version 1.0 Committee Specification 03
– XACML v3.0 Separation of Duties Version 1.0 Committee Specification 01

These two Committee Specifications are OASIS deliverables, completed and approved by the TC and fully ready for testing and implementation.

XACML v3.0 Related and Nested Entities Profile Version 1.0
Committee Specification 03
30 January 2024

Overview:

It is not unusual for access control policy to be dependent on attributes that are not naturally properties of the access subject or resource, but rather are properties of entities that are related to the access subject or resource. This profile defines the means to reference such attributes from within XACML policies for processing by a policy decision point.

The prose specifications and related files are available here:

Editable source (Authoritative):
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/cs03/xacml-3.0-related-entities-v1.0-cs03.docx

HTML:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/cs03/xacml-3.0-related-entities-v1.0-cs03.html

PDF:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/cs03/xacml-3.0-related-entities-v1.0-cs03.pdf

XML schemas:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/cs03/schemas/

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/cs03/xacml-3.0-related-entities-v1.0-cs03.zip

******

XACML v3.0 Separation of Duties Version 1.0
Committee Specification 01
30 January 2024

Overview:

This specification defines a method for supporting separation of duties within XACML policies using obligations and allowing the full generality of attribute-based access control. In particular, duties are not required to be associated with subject roles.

The prose specifications and related files are available here:

Editable source (Authoritative):
https://docs.oasis-open.org/xacml/xacml-3.0-duties/v1.0/cs01/xacml-3.0-duties-v1.0-cs01.docx

HTML:
https://docs.oasis-open.org/xacml/xacml-3.0-duties/v1.0/cs01/xacml-3.0-duties-v1.0-cs01.html

PDF:
https://docs.oasis-open.org/xacml/xacml-3.0-duties/v1.0/cs01/xacml-3.0-duties-v1.0-cs01.pdf

Distribution ZIP file:
https://docs.oasis-open.org/xacml/xacml-3.0-duties/v1.0/cs01/xacml-3.0-duties-v1.0-cs01.zip

Members of the eXtensible Access Control Markup Language (XACML) TC [1] approved these two specifications by Special Majority Vote. The specifications had been released for public review as required by the TC Process [2]. The vote to approve as Committee Specifications passed [3], and the documents are now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving these milestones and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] eXtensible Access Control Markup Language (XACML) TC
https://www.oasis-open.org/committees/xacml/

[2] Details of public reviews:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/xacml-3.0-related-entities-v1.0-csd03-public-review-metadata.html
https://docs.oasis-open.org/xacml/xacml-3.0-duties/v1.0/csd01/xacml-3.0-duties-v1.0-csd01-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3812

Invitation to comment on Data Model for Lexicography v1.0

OASIS and the OASIS Lexicographic Infrastructure Data Model and API (LEXIDMA) TC are pleased to announce that Data Model for Lexicography Version 1.0 is now available for public review and comment. This 30-day review is the second public review for this specification.

About the specification draft:

The LEXIDMA TC’s high level purpose is to create an open standards based framework for internationally interoperable lexicographic work. Data Model for Lexicography v1.0 describes and defines standard serialization independent interchange objects based predominantly on state of the art in the lexicographic industry. The TC aims to develop the lexicographic infrastructure as part of a broader ecosystem of standards employed in Natural Language Processing (NLP), language services, and Semantic Web.

This document defines the first version of a data model in support of these technical goals, including:
– A serialization-independent Data Model for Lexicography (DMLex)
– An XML serialization of DMLex
– A JSON serialization of DMLex
– A relational database serialization of DMLex
– An RDF serialization of DMLex
– An informative NVH serialization of DMLex

The documents and related files are available here:

Data Model for Lexicography (DMLex) Version 1.0
Committee Specification Draft 02
12 January 2024

PDF (Authoritative):
https://docs.oasis-open.org/lexidma/dmlex/v1.0/csd02/dmlex-v1.0-csd02.pdf
HTML:
https://docs.oasis-open.org/lexidma/dmlex/v1.0/csd02/dmlex-v1.0-csd02.html
PDF marked with changes since previous public review:
https://docs.oasis-open.org/lexidma/dmlex/v1.0/csd02/dmlex-v1.0-csd02-DIFF.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/lexidma/dmlex/v1.0/csd02/dmlex-v1.0-csd02.zip

How to Provide Feedback

OASIS and the LEXIDMA TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 31 January 2024 at 00:00 UTC and ends 29 February 2024 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=lexidma).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/lexidma-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the LEXIDMA TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/lexidma/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

========== Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/lexidma/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

[3] Public review metadata document:
https://docs.oasis-open.org/lexidma/dmlex/v1.0/csd02/dmlex-v1.0-csd02-public-review-metadata.html

Invitation to comment on CACAO Layout Extension v1.0

OASIS and the OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security TC are pleased to announce that CACAO Layout Extension v1.0 is now available for public review and comment. This 30-day review is the first public review for this specification.

About the specification draft:

Collaborative Automated Course of Action Operations (CACAO) is a schema and taxonomy for cyber security playbooks. The CACAO specification describes how these playbooks can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions.

This specification defines the CACAO Layout Extension for the purpose of visually representing CACAO playbooks accurately and consistently across implementations.

The documents and related files are available here:

CACAO Layout Extension Version 1.0
Committee Specification Draft 01
16 January 2024

Editable source (Authoritative):
https://docs.oasis-open.org/cacao/layout-extension/v1.0/csd01/layout-extension-v1.0-csd01.docx
HTML:
https://docs.oasis-open.org/cacao/layout-extension/v1.0/csd01/layout-extension-v1.0-csd01.html
PDF:
https://docs.oasis-open.org/cacao/layout-extension/v1.0/csd01/layout-extension-v1.0-csd01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/cacao/layout-extension/v1.0/csd01/layout-extension-v1.0-csd01.zip

How to Provide Feedback

OASIS and the CACAO TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 25 January 2024 at 00:00 UTC and ends 23 February 2024 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cacao).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/cacao-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CACAO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/cacao/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

========== Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/cacao/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

[3] Public review metadata document:
https://docs.oasis-open.org/cacao/layout-extension/v1.0/csd01/layout-extension-v1.0-csd01-public-review-metadata.html

Invitation to comment on Common Security Advisory Framework v2.0 Errata 01

OASIS and the OASIS Common Security Advisory Framework (CSAF) TC are pleased to announce that Common Security Advisory Framework Version 2.0 Errata 01 is now available for public review and comment.

This document lists proposed errata for the OASIS Standard “Common Security Advisory Framework Version 2.0.” The specific changes are listed in section 1.1, at https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01.html#11-description-of-changes.

The Common Security Advisory Framework (CSAF) Version 2.0 is the definitive reference for the CSAF language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.

The OASIS CSAF Technical Committee is chartered to make a major revision to the widely-adopted Common Vulnerability Reporting Framework (CVRF) specification, originally developed by the Industry Consortium for Advancement of Security on the Internet (ICASI). ICASI has contributed CVRF to the TC. The revision is being developed under the name Common Security Advisory Framework (CSAF). TC deliverables are designed to standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.

The documents and related files are available here:

Common Security Advisory Framework Version 2.0 Errata 01
Committee Specification Draft 01
15 December 2023

Editable source (Authoritative):
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01.md

HTML:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01.html

PDF:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01.pdf

JSON schemas:
Aggregator JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/schemas/aggregator_json_schema.json
CSAF JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/schemas/csaf_json_schema.json
Provider JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/schemas/provider_json_schema.json

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01.zip

A public review announcement metadata record [3] is published along with the specification files.

How to Provide Feedback

OASIS and the CSAF TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 21 December 2023 at 00:00 UTC and ends 04 January 2024 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=csaf).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/csaf-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CSAF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/csaf/

========== Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/csaf/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode

[3] Public review announcement metadata:
https://docs.oasis-open.org/csaf/csaf/v2.0/errata01/csd01/csaf-v2.0-errata01-csd01-public-review-metadata.html

NIEM Model v6.0 Project Specification 01 approved by the NIEMOpen Open Project

OASIS is pleased to announce that NIEM Model Version 6.0 from the NIEMOpen Open Project [1] has been approved as an OASIS Project Specification.

NIEM is a data model that enables efficient information exchange across diverse public and private organizations. NIEM can improve interoperability among message exchange partners by providing consistent rules, reusable data components, and repeatable processes.

NIEM Model v6.0 includes detailed descriptions of the changes since the previous version 5.2.

This Project Specification is an OASIS deliverable, completed and approved by the OP’s Project Governing Board and fully ready for testing and implementation. The applicable open source licenses can be found in the project’s administrative repository at https://github.com/niemopen/oasis-open-project/blob/main/LICENSE.md.

The specification and related files are available at:

NIEM Model Version 6.0
Project Specification 01
04 December 2023

Markdown (Authoritative):
https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/niem-model-v6.0-ps01.md
HTML:
https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/niem-model-v6.0-ps01.html
PDF:
https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/niem-model-v6.0-ps01.pdf
Complete XML Schema:
NIEM Core Schema: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/niem-core.xsd
NIEM Domain Schemas: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/domains/
NIEM Adapter Schemas: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/adapters/
NIEM Auxiliary Schemas: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/auxiliary/
NIEM Code Schemas: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/codes/
NIEM External Schemas: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/external/
NIEM Utility Schemas: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/utility/
NIEM Documentation files:
NIEM README: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/README.md
NIEM documentation files: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/docs/
Other artifacts:
NIEM CSV files: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/csv/
NIEM JSON-LD files: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/json-ld/
NIEM XML Catalog: https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/xsd/xml-catalog.xml

Distribution ZIP file

For your convenience, OASIS provides a complete package of the specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/niemopen/niem-model/v6.0/ps01/niem-model-v6.0-ps01.zip

Members of the NIEMOpen OP Project Governing Board approved this specification by Special Majority Vote [2] as required by the Open Project rules [3].

Our congratulations to the participants and contributors in the NIEMOpen Open Project on their achieving this milestone.

Additional references:

[1] NIEMOpen Open Project
https://www.niemopen.org/

[2] Approval ballot:
https://lists.oasis-open-projects.org/g/niemopen-pgb/message/127

[3] https://www.oasis-open.org/policies-guidelines/open-projects-process/

Invitation to comment on XACML v3.0 Related and Nested Entities v1.0 from the XACML TC

We are pleased to announce that XACML v3.0 Related and Nested Entities Profile Version 1.0 CSD03 from the OASIS eXtensible Access Control Markup Language (XACML) TC is now available for public review and comment. This is the third public review for this work.

Overview:

The eXtensible Access Control Markup Language (XACML) defines categories of attributes that describe entities of relevance to access control decisions. XACML rules, policies and policy sets contain assertions over the attributes of these entities that must be evaluated to arrive at an access decision. Principal among the various predefined entities are the entity that is requesting access, i.e., the access subject, and the entity being accessed, i.e., the resource. However, it is not unusual for access decisions to be dependent on attributes of entities that are associated with the access subject or resource. For example, attributes of an organization that employs the access subject, or attributes of a licensing agreement that covers the terms of use of a resource.

This profile defines two ways of representing these associated entities in the request context – related entities and nested entities – and defines additional mechanisms to access and traverse these entities.

TC Description:

The XACML TC specifies access control standards, based on the Attribute-based Access Control model (ABAC). The core of this work is the specification of the syntax and semantics of a policy language called XACML. Current work in the TC consists mostly of defining additional profiles of various types which build on version 3.0 of the XACML core specification.

The documents and related files are available here:

XACML v3.0 Related and Nested Entities Profile Version 1.0
Committee Specification Draft 03

09 November 2023

Editorial source (Authoritative):
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/xacml-3.0-related-entities-v1.0-csd03.docx
HTML:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/xacml-3.0-related-entities-v1.0-csd03.html
PDF:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/xacml-3.0-related-entities-v1.0-csd03.pdf
Additional normative artifacts:
XML schema: https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/schemas/

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/xacml-3.0-related-entities-v1.0-csd03.zip

How to Provide Feedback

OASIS and the XACML TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

This public review starts on 06 December 2023 at 00:00 UTC and ends 20 December 2023 at 11:59 UTC.

Comments on the work may be submitted to the TC by following the instructions located at:
https://www.oasis-open.org/committees/comments/form.php?wg_abbrev=xacml

Feedback submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/xacml-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with the public review of these works, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the XACML TC may be found on the TC’s public home page:
https://www.oasis-open.org/committees/xacml/

Additional information related to this public review can be found in the public review metadata document [3].

========== Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/xacml/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

[3] Public review metadata document:

https://docs.oasis-open.org/xacml/xacml-3.0-related-entities/v1.0/csd03/xacml-3.0-related-entities-v1.0-csd03-public-review-metadata.html

Electronic Court Filing v4.1 & v5.01 and ECF Web Services SIP v4.1 & v5.01 Committee Specifications Published

We are pleased to announce that Electronic Court Filing Version 4.1 & Version 5.01 and Electronic Court Filing Web Services Service Interaction Profile Version 4.1 & Version 5.01 from the LegalXML Electronic Court Filing TC [1] have been approved as OASIS Committee Specifications, and are now available.

In addition, the ECF TC members have published the Committee Note “Implementation Guidance for Electronic Court Filing Version 4.1.” It provides non-normative guidance to implementers of the LegalXML Electronic Court Filing Version 4.1 specification.

ECF defines a technical architecture and a set of components, operations and message structures for an electronic court filing system, and sets forth rules governing its implementation.

Version 4.1:
LegalXML Electronic Court Filing Version 4.1 (ECF v4.1) consists of a set of non-proprietary XML and Web Services specifications, along with clarifying explanations and amendments to those specifications, that have been added for the purpose of promoting interoperability among electronic court filing vendors and systems. ECF Version 4.1 is a maintenance release to address several minor schema and definition issues identified by implementers of the ECF 4.0 and 4.01 specifications.

Electronic Court Filing Web Services Service Interaction Profile defines a Service Interaction Profile, as defined in section 5 of the ECF v4.1 specification. The Web Services Service Interaction Profile may be used to transmit ECF 4.1 messages between Internet-connected systems.

Version 5.01:
Electronic Court Filing Version 5.01 (ECF v5.01) consists of a set of non-proprietary XML and Web Services specifications developed to promote interoperability among electronic court filing vendors and systems. ECF v5.01 is a minor release that adds new functionality and capabilities beyond the scope of the ECF 5,0, 4.0 and 4.01 specifications that it supersedes.

Electronic Court Filing Web Services Service Interaction Profile defines a Service Interaction Profile (SIP), as defined in section 7 of the ECF v5.01 specification. The Web Services SIP may be used to transmit ECF 5.01 messages between Internet-connected systems.

The documents for these four Committee Specifications and related files, as well as the new Committee Note, are available here:

Electronic Court Filing Version 4.1
Committee Specification 01
29 September 2023

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/ecf-v4.1-cs01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/ecf-v4.1-cs01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/ecf-v4.1-cs01.pdf
XML schemas:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/xsd/
XML sample messages:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/xml/
Model and documentation:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/model/
Genericode code lists:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/gc/
Specification metadata:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/xsd/metadata.xml
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/cs01/ecf-v4.1-cs01.zip
************************

Electronic Court Filing Web Services Service Interaction Profile Version 4.1
Committee Specification 01
29 September 2023

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/cs01/ecf-webservices-v4.1-cs01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/cs01/ecf-webservices-v4.1-cs01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/cs01/ecf-webservices-v4.1-cs01.pdf
WSDL files:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/cs01/wsdl/
WSDL examples:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/cs01/wsdl/examples/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/cs01/ecf-webservices-v4.1-cs01.zip
***************************

Electronic Court Filing Version 5.01
Committee Specification 01
29 September 2023

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/ecf-v5.01-cs01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/ecf-v5.01-cs01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/ecf-v5.01-cs01.pdf
XML schemas and Genericode code lists:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/schema/
XML example messages:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/examples/
Model and documentation:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/model/
UML model artifacts:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/uml/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/cs01/ecf-v5.01-cs01.zip
************************

Electronic Court Filing Web Services Service Interaction Profile Version 5.01
Committee Specification 01
29 September 2023

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/cs01/ecf-webservices-v5.01-cs01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/cs01/ecf-webservices-v5.01-cs01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/cs01/ecf-webservices-v5.01-cs01.pdf
WSDL schemas:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/cs01/schema/
XML WSDL examples:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/cs01/examples/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/cs01/ecf-webservices-v5.01-cs01.zip
***************************

Implementation Guidance for Electronic Court Filing Version 4.1
Committee Note 01
16 October 2023

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf-guide/v4.1/cn01/ecf-guide-v4.1-cn01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-guide/v4.1/cn01/ecf-guide-v4.1-cn01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-guide/v4.1/cn01/ecf-guide-v4.1-cn01.pdf
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-guide/v4.1/cn01/ecf-guide-v4.1-cn01.zip
***************************

Members of the ECF TC [1] approved these specifications by Special Majority Vote. The specifications had been released for public review as required by the TC Process [2]. The vote to approve as Committee Specifications passed [3], and the documents are now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving these milestones and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:
[1] OASIS LegalXML Electronic Court Filing TC
https://www.oasis-open.org/committees/legalxml-courtfiling/

[2] History of publications, including public reviews:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd02/ecf-v4.1-csd02-public-review-metadata.html
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd02/ecf-webservices-v4.1-csd02-public-review-metadata.html
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd03/ecf-v5.01-csd03-public-review-metadata.html
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd03/ecf-webservices-v5.01-csd03-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3796

Invitation to comment on Virtual I/O Device (VIRTIO) Version 1.3

OASIS and the OASIS Virtual I/O Device (VIRTIO) TC are pleased to announce that Virtual I/O Device (VIRTIO) Version 1.3 is now available for public review and comment.

Specification Overview

This document describes the specifications of the ‘virtio’ family of devices. These devices are found in virtual environments, yet by design they look like physical devices to the guest within the virtual machine – and this document treats them as such. This similarity allows the guest to use standard drivers and discovery mechanisms. The purpose of virtio and this specification is that virtual environments and guests should have a straightforward, efficient, standard and extensible mechanism for virtual devices, rather than boutique per-environment or per-OS mechanisms.

The documents and related files are available here:

Virtual I/O Device (VIRTIO) Version 1.3
Committee Specification Draft 01
06 October 2023

Editable source (Authoritative):
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/tex/
HTML:
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/virtio-v1.3-csd01.html
PDF:
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/virtio-v1.3-csd01.pdf
Example driver listing:
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/listings/
PDF file marked to indicate changes from Version 1.2 Committee Specification 01:
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/virtio-v1.3-csd01-diff-from-v1.2-cs01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/virtio-v1.3-csd01.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/virtio/virtio/v1.3/csd01/virtio-v1.3-csd01-public-review-metadata.html

How to Provide Feedback

OASIS and the OASIS Virtual I/O Device (VIRTIO) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 09 November 2023 at 00:00 UTC and ends 08 December 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=virtio).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/virtio-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the VIRTIO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/virtio/

Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://github.com/oasis-tcs/virtio-admin/blob/master/IPR.md
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

Invitation to comment on CACAO Security Playbooks v2.0

OASIS and the OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security TC are pleased to announce that CACAO Security Playbooks v2.0 is now available for public review and comment. This 15-day review is the fourth public review for Version 2.0 of this specification.

About the specification draft:

To defend against threat actors and their tactics, techniques, and procedures, organizations need to identify, create, document, and test detection, investigation, prevention, mitigation, and remediation steps. These steps, when grouped together, form a cyber security playbook that can be used to protect organizational systems, networks, data, and users.

This specification defines the schema and taxonomy for cybersecurity playbooks and how cybersecurity playbooks can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions.

The documents and related files are available here:

CACAO Security Playbooks Version 2.0
Committee Specification Draft 05
24 October 2023

Editable source (Authoritative):
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd05/security-playbooks-v2.0-csd05.docx
HTML:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd05/security-playbooks-v2.0-csd05.html
PDF:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd05/security-playbooks-v2.0-csd05.pdf
PDF marked with changes since previous public review:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd05/security-playbooks-v2.0-csd05-DIFF.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd05/security-playbooks-v2.0-csd05.zip

How to Provide Feedback

OASIS and the CACAO TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 31 October 2023 at 00:00 UTC and ends 14 November 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cacao).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/cacao-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CACAO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/cacao/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/cacao/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

[3] Public review metadata document:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd05/security-playbooks-v2.0-csd05-public-review-metadata.html

Universal Business Language v2.4 from the UBL TC approved as a Committee Specification

OASIS is pleased to announce that Universal Business Language Version 2.4 from the OASIS Universal Business Language TC [1] has been approved as an OASIS Committee Specification.

UBL is the leading interchange format for business documents. It is designed to operate within a standard business framework such as ISO/IEC 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes. The European Commission has declared UBL officially eligible for referencing in tenders from public administrations, and in 2015 UBL was approved as ISO/IEC 19845:2015.

Specifically, UBL provides:
– A suite of structured business objects and their associated semantics expressed as reusable data components and common business documents.
– A library of schemas for reusable data components such as Address, Item, and Payment, the common data elements of everyday business documents.
– A set of schemas for common business documents such as Order, Despatch Advice, and Invoice that are constructed from the UBL library components and can be used in generic procurement and transportation contexts.

UBL v2.4 is a minor revision to v2.3 that preserves backwards compatibility with previous v2.# versions. It adds new document types, bringing the total number of UBL business documents to 93.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The prose specifications and related files are available here:

Universal Business Language Version 2.4
Committee Specification 01
17 October 2023

Editable source (Authoritative):
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/UBL-2.4.xml
HTML:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/UBL-2.4.html
PDF:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/UBL-2.4.pdf
Code lists for constraint validation:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/cl/
Context/value Association files for constraint validation:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/cva/
Document models of information bundles:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/mod/
Default validation test environment:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/val/
XML examples:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/xml/
Annotated XSD schemas:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/xsd/
Runtime XSD schemas:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/xsdrt/

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/ubl/cs01-UBL-2.4/UBL-2.4.zip

Members of the UBL TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:
[1] OASIS Universal Business Language TC
https://www.oasis-open.org/committees/ubl/

[2] History of publication, including public reviews:
https://docs.oasis-open.org/ubl/csd02-UBL-2.4/UBL-2.4-csd02-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3799

No results with the selected filters