Invitation to comment on Universal Business Language v2.4 from the UBL TC

OASIS and the OASIS Universal Business Language TC are pleased to announce that Universal Business Language Version 2.4 is now available for public review and comment. This is the first public review for Universal Business Language Version 2.4.

About the specification draft:

UBL is the leading interchange format for business documents. It is designed to operate within a standard business framework such as ISO/IEC 15000 (ebXML) to provide a complete, standards-based infrastructure that can extend the benefits of existing EDI systems to businesses of all sizes. The European Commission has declared UBL officially eligible for referencing in tenders from public administrations, and in 2015 UBL was approved as ISO/IEC 19845:2015.

Specifically, UBL provides:
– A suite of structured business objects and their associated semantics expressed as reusable data components and common business documents.
– A library of schemas for reusable data components such as Address, Item, and Payment, the common data elements of everyday business documents.
– A set of schemas for common business documents such as Order, Despatch Advice, and Invoice that are constructed from the UBL library components and can be used in generic procurement and transportation contexts.

UBL v2.4 is a minor revision to v2.3 that preserves backwards compatibility with previous v2.# versions. It adds new document types, bringing the total number of UBL business documents to 93. As with previous UBL releases, the UBL 2.4 library is designed to support the construction of a wide variety of document types beyond those provided in the 2.4 package.

The specification documents and related files are available here:

Universal Business Language Version 2.4
Committee Specification Draft 01
08 February 2023

Editable source (Authoritative):
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/UBL-2.4.xml
HTML:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/UBL-2.4.html
PDF:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/UBL-2.4.pdf
Code lists for constraint validation:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/cl/
Context/value Association files for constraint validation:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/cva/
Document models of information bundles:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/mod/
Default validation test environment:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/val/
XML examples:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/xml/
Annotated XSD schemas:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/xsd/
Runtime XSD schemas:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/xsdrt/

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/UBL-2.4.zip

How to Provide Feedback

OASIS and the UBL TC value your feedback. We solicit feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

This public review starts 07 March 2023 at 00:00 UTC and ends 05 April 2023 at 11:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=ubl).

Comments submitted by TC non-members for this work and for other work of this TC is publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/ubl-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with the public review of this work, we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the UBL TC may be found on the TC’s public home page:
https://www.oasis-open.org/committees/ubl/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/ubl/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

[3] Public review metadata document:
https://docs.oasis-open.org/ubl/csd01-UBL-2.4/UBL-2.4-csd01-public-review-metadata.html

Invitation to comment on CACAO Security Playbooks v2.0

OASIS and the OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security TC are pleased to announce that CACAO Security Playbooks v2.0 is now available for public review and comment. This 30-day review is the first public review for Version 2.0 of this specification.

About the specification draft:

To defend against threat actors and their tactics, techniques, and procedures, organizations need to identify, create, document, and test detection, investigation, prevention, mitigation, and remediation steps. These steps, when grouped together, form a cyber security playbook that can be used to protect organizational systems, networks, data, and users.

This specification defines the schema and taxonomy for cybersecurity playbooks and how cybersecurity playbooks can be created, documented, and shared in a structured and standardized way across organizational boundaries and technological solutions.

The documents and related files are available here:

CACAO Security Playbooks Version 2.0
Committee Specification Draft 01
21 February 2023

Editable source (Authoritative):
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd01/security-playbooks-v2.0-csd01.docx
HTML:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd01/security-playbooks-v2.0-csd01.html
PDF:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd01/security-playbooks-v2.0-csd01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd01/security-playbooks-v2.0-csd01.zip

How to Provide Feedback

OASIS and the CACAO TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 28 February 2023 at 00:00 UTC and ends 29 March 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cacao).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/cacao-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CACAO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/cacao/

Additional information related to this public review, including a complete publication and review history, can be found in the public review metadata document [3].

========== Additional references:

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/cacao/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

[3] Public review metadata document:
https://docs.oasis-open.org/cacao/security-playbooks/v2.0/csd01/security-playbooks-v2.0-csd01-public-review-metadata.html

Invitation to comment on Electronic Court Filing v4.1 and ECF Web Services SIP v4.1 from the ECF TC

We are pleased to announce that Electronic Court Filing Version 4.1 and Electronic Court Filing Web Services Service Interaction Profile Version 4.1 from the LegalXML Electronic Court Filing TC [1] are now available for public review and comment. This is the first public review for Version 4.1 of these specifications.

ECF defines a technical architecture and a set of components, operations and message structures for an electronic court filing system, and sets forth rules governing its implementation.

LegalXML Electronic Court Filing Version 4.1 (ECF v4.1) consists of a set of non-proprietary XML and Web Services specifications, along with clarifying explanations and amendments to those specifications, that have been added for the purpose of promoting interoperability among electronic court filing vendors and systems. ECF Version 4.1 is a maintenance release to address several minor schema and definition issues identified by implementers of the ECF 4.0 and 4.01 specifications.

Electronic Court Filing Web Services Service Interaction Profile defines a Service Interaction Profile, as defined in section 5 of the ECF v4.1 specification. The Web Services Service Interaction Profile may be used to transmit ECF 4.1 messages between Internet-connected systems.

The documents and related files are available here:

Electronic Court Filing Version 4.1
Committee Specification Draft 01
07 December 2022

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/ecf-v4.1-csd01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/ecf-v4.1-csd01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/ecf-v4.1-csd01.pdf
XML schemas:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/xsd/
XML sample messages:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/xml/
Model and documentation:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/model/
Genericode code lists:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/gc/
Specification metadata:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/xsd/metadata.xml
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/ecf-v4.1-csd01.zip
Additional information about this and any previous public reviews is published in the public review metadata record:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v4.1/csd01/ecf-v4.1-csd01-public-review-metadata.html
************************

Electronic Court Filing Web Services Service Interaction Profile Version 4.1
Committee Specification Draft 01
07 December 2022

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/ecf-webservices-v4.1-csd01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/ecf-webservices-v4.1-csd01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/ecf-webservices-v4.1-csd01.pdf
WSDL files:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/wsdl/
WSDL examples:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/wsdl/examples/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/ecf-webservices-v4.1-csd01.zip
Additional information about this and any previous public reviews is published in the public review metadata record:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v4.1/csd01/ecf-webservices-v4.1-csd01-public-review-metadata.html

How to Provide Feedback

OASIS and the LegalXML Electronic Court Filing TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public reviews start 03 February 2023 at 00:00 UTC and end 04 March 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=legalxml-courtfiling).

Comments should clearly identify which of these two specifications they address.

Feedback submitted by TC non-members for these works and for other work of this TC is publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/legalxml-courtfiling-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the ECF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/legalxml-courtfiling/

Additional references:
[1] OASIS LegalXML Electronic Court Filing TC
https://www.oasis-open.org/committees/legalxml-courtfiling/
[2] https://www.oasis-open.org/policies-guidelines/ipr/
[3] https://www.oasis-open.org/committees/legalxml-courtfiling/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

Invitation to comment on Electronic Court Filing v5.01 and ECF Web Services SIP v5.01

We are pleased to announce that Electronic Court Filing Version 5.01 and Electronic Court Filing Web Services Service Interaction Profile Version 5.01 from the LegalXML Electronic Court Filing TC [1] are now available for public review and comment. This is the second public review for Version 5.01 of these two specifications.

ECF defines a technical architecture and a set of components, operations and message structures for an electronic court filing system, and sets forth rules governing its implementation.

Electronic Court Filing Version 5.01 (ECF v5.01) consists of a set of non-proprietary XML and Web Services specifications developed to promote interoperability among electronic court filing vendors and systems. ECF v5.01 is a minor release that adds new functionality and capabilities beyond the scope of the ECF 5,0, 4.0 and 4.01 specifications that it supersedes.

Electronic Court Filing Web Services Service Interaction Profile defines a Service Interaction Profile (SIP), as defined in section 7 of the ECF v5.01 specification. The Web Services SIP may be used to transmit ECF 5.01 messages between Internet-connected systems.

The documents and related files are available here:

Electronic Court Filing Version 5.01
Committee Specification Draft 02
06 December 2022

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/ecf-v5.01-csd02.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/ecf-v5.01-csd02.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/ecf-v5.01-csd02.pdf
XML schemas and Genericode code lists:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/schema/
XML example messages:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/examples/
Model and documentation:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/model/
UML model artifacts:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/uml/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/ecf-v5.01-csd02.zip
Public review metadata record:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd02/ecf-v5.01-csd02-public-review-metadata.html
************************

Electronic Court Filing Web Services Service Interaction Profile Version 5.01
Committee Specification Draft 02
06 December 2022

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/ecf-webservices-v5.01-csd02.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/ecf-webservices-v5.01-csd02.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/ecf-webservices-v5.01-csd02.pdf
WSDL schemas:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/schema/
XML WSDL examples:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/examples/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/ecf-webservices-v5.01-csd02.zip
Public review metadata record:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd02/ecf-webservices-v5.01-csd02-public-review-metadata.html
***************************

How to Provide Feedback

OASIS and the LegalXML Electronic Court Filing TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public reviews start 19 January 2023 at 00:00 UTC and end 02 February 2023 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=legalxml-courtfiling).

Comments should clearly identify which of these two specifications they address.

Feedback submitted by TC non-members for these works and for other work of this TC is publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/legalxml-courtfiling-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the ECF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/legalxml-courtfiling/

Additional references:
[1] OASIS LegalXML Electronic Court Filing TC
https://www.oasis-open.org/committees/legalxml-courtfiling/
[2] https://www.oasis-open.org/policies-guidelines/ipr/
[3] https://www.oasis-open.org/committees/legalxml-courtfiling/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

OSLC Tracked Resource Set v3.0 Project Specification 02 approved by the OSLC Open Project

OASIS is pleased to announce that OSLC Tracked Resource Set Version 3.0 from the Open Services for Lifecycle Collaboration Open Project [1] has been approved as an OASIS Project Specification.

Managing change and configuration in a complex systems development lifecycle is very difficult, especially in heterogeneous environments that include homegrown tools, open source projects, and commercial tools from different vendors. The OSLC initiative applies World Wide Web and Linked Data principles to enable interoperation of change, configuration, and asset management processes across a product’s entire application and product lifecycle.

The Tracked Resource Set protocol allows a server to expose a set of resources in a way that allows clients to discover that set of resources, to track additions to and removals from the set, and to track state changes to the resources in the set. The protocol does not assume that clients will dereference the resources, but they could do so. The protocol is suitable for dealing with sets containing a large number of resources, as well as highly active resource sets that undergo continual change. The protocol is HTTP-based and follows RESTful principles.

This Project Specification is an OASIS deliverable, completed and approved by the OP’s Project Governing Board and fully ready for testing and implementation. The applicable open source licenses can be found in the project’s administrative repository at https://github.com/oslc-op/oslc-admin/blob/master/LICENSE.md.

The specification and related files are available at:

OSLC Tracked Resource Set Version 3.0
Project Specification 02
24 November 2022

– OSLC Tracked Resource Set Version 3.0. Part 1: Specification
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/tracked-resource-set.html
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/tracked-resource-set.pdf

– OSLC Tracked Resource Set Version 3.0. Part 2: Vocabulary
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/tracked-resource-set-vocab.html
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/tracked-resource-set-vocab.pdf

– OSLC Tracked Resource Set Version 3.0. Part 3: Constraints
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/tracked-resource-set-shapes.html
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/tracked-resource-set-shapes.pdf

– OSLC Tracked Resource Set RDF Vocabulary definitions file:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/trs-vocab.ttl

– OSLC Tracked Resource Set Resource Shape Constraints definitions file:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/trs-shapes.ttl

Distribution ZIP file

For your convenience, OASIS provides a complete package of the specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open-projects.org/oslc-op/trs/v3.0/ps02/trs-v3.0-ps02.zip

Members of the OSLC OP Project Governing Board approved this specification by Special Majority Votes [2] as required by the Open Project rules [3].

Our congratulations to the participants and contributors in the Open Services for Lifecycle Collaboration Open Project on their achieving this milestone.

Additional references:

[1] Open Services for Lifecycle Collaboration Open Project
https://open-services.net/

[2] Approval ballot:
https://lists.oasis-open-projects.org/g/oslc-op/message/1048

[3] https://www.oasis-open.org/policies-guidelines/open-projects-process/

OSLC PROMCODE v1.0 Errata 02 approved

We are pleased to announce that OSLC PROMCODE v1.0 Errata 02 from the OSLC PROMCODE TC is now an Approved Errata.

This document lists errata for the OASIS Standard “OSLC PROMCODE Version 1.0.” As described in the document, there are changes to the published OASIS Standard documents for Part 1: Specification and Part 3: Constraints. Changes have also been made to the two machine-readable “turtle” files (promcode-vocab.ttl and promcode-shapes.ttl). As required by OASIS policy, these are not Material Changes.

OSLC PROMCODE Version 1.0 defines the overall approach to PROMCODE (PROject Management of COntracted DElivery) based on the Open Services for Lifecycle Collaboration (OSLC) Core 3.0 [OSLCCore3] Specification.

The documents and related files are available here:

OSLC PROMCODE Version 1.0 Errata 02
Approved Errata
09 December 2022

HTML:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata02/os/promcode-v1.0-errata02-os.html (Authoritative)
PDF:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata02/os/promcode-v1.0-errata02-os.pdf

Machine-readable files
– Vocabulary terms: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata02/os/promcode-vocab.ttl
– Constraints: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata02/os/promcode-shapes.ttl

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata02/os/promcode-v1.0-errata02-os.zip

Members of the OSLC PROMCODE TC approved Errata 02 by Full Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as Approved Errata passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional information about the specification and the OSLC PROMCODE TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/oslc-promcode/

========== Additional references:

[1] OASIS OSLC Lifecycle Integration for Project Management of Contracted Delivery (OSLC PROMCODE) TC
https://www.oasis-open.org/committees/oslc-promcode/

[2] Public review:
* 15-day public review began 23 November 2022
Announcement email: https://lists.oasis-open.org/archives/oslc-promcode/202211/msg00004.html
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata02/csd01/promcode-v1.0-errata02-csd01-public-review-metadata.html

[3] Meeting minutes:
https://wiki.oasis-open.org/oslc-promcode/telecon%20December%209%2C%202022

STIX™ Best Practices Guide Version 1.0.0 published by CTI TC

OASIS is pleased to announce publication of “STIX™ Best Practices Guide Version 1.0.0”, a Committee Note from the members of the OASIS Cyber Threat Intelligence (CTI) TC [1].

This guide suggests best practices to use for STIX content, considering both the normative statements in the specification, as well as considerations beyond the specification.

The Committee Note is available here:

STIX™ Best Practices Guide Version 1.0.0
Committee Note 01
15 September 2022

Editable source (Authoritative):
https://docs.oasis-open.org/cti/stix-bp/v1.0.0/cn01/stix-bp-v1.0.0-cn01.docx

HTML:
https://docs.oasis-open.org/cti/stix-bp/v1.0.0/cn01/stix-bp-v1.0.0-cn01.html

PDF:
https://docs.oasis-open.org/cti/stix-bp/v1.0.0/cn01/stix-bp-v1.0.0-cn01.pdf

For your convenience, OASIS provides a complete package of the Committee Note that you can download here:
https://docs.oasis-open.org/cti/stix-bp/v1.0.0/cn01/stix-bp-v1.0.0-cn01.zip

Members of the CTI TC approved this Committee Note by a Full Majority vote on 15 September 2022 as documented in the TC minutes [2].

Our congratulations to all the members of the TC.

Additional references

[1] OASIS Cyber Threat Intelligence (CTI) TC
https://www.oasis-open.org/committees/cti/

[2] Approval
https://www.oasis-open.org/committees/download.php/70342/09.2022%20-%20Session%201%20-%20OASIS-CTI-TC_Monthly_Meeting.docx.pdf

Open Command and Control (OpenC2) Architecture v1.0 approved as a Committee Specification

OASIS is pleased to announce that Open Command and Control (OpenC2) Architecture Specification Version 1.0 from the OASIS Open Command and Control (OpenC2) TC [1] has been approved as an OASIS Committee Specification.

Cyberattacks are increasingly sophisticated, less expensive to execute, dynamic and automated. The provision of cyber defense via statically configured products operating in isolation is untenable. Standardized interfaces, protocols and data models will facilitate the integration of the functional blocks within a system and between systems. Open Command and Control (OpenC2) is a concise and extensible language to enable machine-to-machine communications for purposes of command and control of cyber defense components, subsystems and/or systems in a manner that is agnostic of the underlying products, technologies, transport mechanisms or other aspects of the implementation.

The OpenC2 Architecture Specification describes the abstract architecture of OpenC2 to define a common understanding of the messages and interactions for all bindings and serializations.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The prose specifications and related files are available here:

Open Command and Control (OpenC2) Architecture Specification Version 1.0
Committee Specification 01
30 September 2022

Editable source:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/cs01/oc2arch-v1.0-cs01.md (Authoritative)
HTML:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/cs01/oc2arch-v1.0-cs01.html
PDF:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/cs01/oc2arch-v1.0-cs01.pdf

The non-material changes since the most recent public review are documented in:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/cs01/oc2arch-v1.0-cs01-DIFF.pdf.

Distribution ZIP file
For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/cs01/oc2arch-v1.0-cs01.zip

Members of the OpenC2 TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification with non-material changes passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references

[1] OASIS Open Command and Control (OpenC2) TC
https://www.oasis-open.org/committees/openc2/

[2] Public review and comment resolution timeline:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02-public-review-metadata.html
– Most recent comment resolution log:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02-comment-resolution-log.pdf

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3729

PKCS #11 Specification v3.1 from PKCS 11 TC approved as a Committee Specification

OASIS is pleased to announce that PKCS #11 Specification Version 3.1 from the OASIS PKCS 11 TC [1] has been approved as an OASIS Committee Specification.

The Public Key Cryptography Standards (PKCS) are a group of public-key cryptography standards devised and published by RSA Security LLC, starting in the early 1990s. The OASIS PKCS 11 Technical Committee addresses the ongoing enhancement and maintenance of the PKCS #11 standard.

PKCS #11 Specification Version 3.1 defines a platform-independent API to cryptographic tokens, such as hardware security modules and smart cards. The API itself is named “Cryptoki” (from “cryptographic token interface” and pronounced as “crypto-key”). This specification defines data types, functions and other basic components of the PKCS #11 Cryptoki interface for devices that may hold cryptographic information and may perform cryptographic functions. It also defines mechanisms that are anticipated for use with the current version of PKCS #11.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The prose specifications and related files are available here:

PKCS #11 Specification Version 3.1
Committee Specification 01
11 August 2022

PDF (Authoritative):
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01.pdf
HTML:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01.html
Editable source:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01.docx
PKCS #11 header files:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/include/pkcs11-v3.1/

The changes since the previous publication are marked in:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01-DIFF.pdf

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/pkcs11-spec-v3.1-cs01.zip

Members of the PKCS 11 TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references:

[1] OASIS PKCS 11 TC
https://www.oasis-open.org/committees/pkcs11/

[2] Public review timeline:
Details of the public reviews are listed in:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/csd01/pkcs11-spec-v3.1-csd01-public-review-metadata.html
Comment resolution log for most recent public review:
https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/csd01/pkcs11-spec-v3.1-csd01-comment-resolution-log.pdf

[3] Approval ballots:
https://www.oasis-open.org/committees/ballot.php?id=3716
https://www.oasis-open.org/committees/ballot.php?id=3723

Common Security Advisory Framework v2.0 from CSAF TC approved as revised Committee Specification

OASIS is pleased to announce that Common Security Advisory Framework Version 2.0 from the OASIS Common Security Advisory Framework (CSAF) TC [1] has been approved as an OASIS Committee Specification. This is the third publication of CSAF v2.0 as a Committee Specification.

The Common Security Advisory Framework (CSAF) is a language to exchange Security Advisories formulated in JSON. CSAF v2.0 is the definitive reference for the language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The documents and related files are available here:

Common Security Advisory Framework Version 2.0
Committee Specification 03
01 August 2022

Editable source (Authoritative):
https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.md
HTML:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.html
PDF:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.pdf
JSON schemas:
– Aggregator: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/schemas/aggregator_json_schema.json
– CSAF: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/schemas/csaf_json_schema.json
– Provider: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/schemas/provider_json_schema.json
The changes since the previous publication are marked in:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03-DIFF.pdf
Issues resolved after previous publication (CS02) are individually tracked in:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02-comment-resolution-log.pdf

Distribution ZIP file
For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.zip

Members of the CSAF TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

========== Additional references:

[1] OASIS Common Security Advisory Framework (CSAF) TC
https://www.oasis-open.org/committees/csaf/

[2] Public reviews:
Details of the previous public reviews are listed in:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3721

Invitation to comment on Open Command and Control (OpenC2) Architecture Specification v1.0

OASIS and the OASIS Open Command and Control (OpenC2) TC are pleased to announce that Open Command and Control (OpenC2) Architecture Specification Version 1.0 is now available for public review and comment. This is the first public review for this specification.

Cyberattacks are increasingly sophisticated, less expensive to execute, dynamic and automated. The provision of cyber defense via statically configured products operating in isolation is untenable. Standardized interfaces, protocols and data models will facilitate the integration of the functional blocks within a system and between systems. Open Command and Control (OpenC2) is a concise and extensible language to enable machine-to-machine communications for purposes of command and control of cyber defense components, subsystems and/or systems in a manner that is agnostic of the underlying products, technologies, transport mechanisms or other aspects of the implementation. A high level overview of OpenC2 featuring insights from the Technical Director of NSA’s Capabilities Directorate can be viewed at https://www.youtube.com/watch?v=kCooyNJoOrU.

This specification describes the abstract architecture of OpenC2 to define a common understanding of the messages and interactions for all bindings and serializations.

The documents and related files are available here:

Open Command and Control (OpenC2) Architecture Specification Version 1.0
Committee Specification Draft 02
20 July 2022

Editable source (Authoritative):
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02.md

HTML:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02.html

PDF:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02.zip

How to Provide Feedback

OASIS and the OpenC2 TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 29 July 2022 at 00:00 UTC and ends 27 August 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility, which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=openc2).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/openc2-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the OpenC2 TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/openc2/.

Additional information related to this and any previous public reviews can be found in the public review metadata document [3].

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/openc2/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

[3] Public review metadata document:
https://docs.oasis-open.org/openc2/oc2arch/v1.0/csd02/oc2arch-v1.0-csd02-public-review-metadata.html

PKCS #11 Profiles v3.1 from PKCS 11 TC approved as a Committee Specification

OASIS is pleased to announce that PKCS #11 Profiles Version 3.1 from the OASIS PKCS 11 TC [1] has been approved as an OASIS Committee Specification.

This document is intended for developers and architects who wish to design systems and applications that conform to the PKCS #11 Cryptographic Token Interface specification, which documents an API for devices that may hold cryptographic information and may perform cryptographic functions.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The prose specifications and related files are available here:

PKCS #11 Profiles Version 3.1
Committee Specification 01
14 July 2022

PDF (Authoritative):
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/cs01/pkcs11-profiles-v3.1-cs01.pdf
HTML:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/cs01/pkcs11-profiles-v3.1-cs01.html
Editable source:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/cs01/pkcs11-profiles-v3.1-cs01.docx

PKCS #11 test cases:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/cs01/test-cases/

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/cs01/pkcs11-profiles-v3.1-cs01.zip

Members of the PKCS 11 TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references

[1] OASIS PKCS 11 TC
https://www.oasis-open.org/committees/pkcs11/

[2] Public review timeline:
Details of the public reviews are listed in:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/csd02/pkcs11-profiles-v3.1-csd02-public-review-metadata.html
Comment resolution log for most recent public review:
https://docs.oasis-open.org/pkcs11/pkcs11-profiles/v3.1/csd02/pkcs11-profiles-v3.1-csd02-comment-resolution-log.txt

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3717

No results with the selected filters