Common Security Advisory Framework v2.0 from CSAF TC approved as a Committee Specification

OASIS is pleased to announce that Common Security Advisory Framework Version 2.0 from the OASIS Common Security Advisory Framework (CSAF) TC [1] has been approved as an OASIS Committee Specification. This is the second publication of CSAF v2.0 as a Committee Specification.

The Common Security Advisory Framework (CSAF) is a language to exchange Security Advisories formulated in JSON. CSAF v2.0 is the definitive reference for the language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The documents and related files are available here:

Common Security Advisory Framework Version 2.0
Committee Specification 02
29 June 2022

Editable source (Authoritative):
https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02.md
HTML:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02.html
PDF:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02.pdf
JSON schemas:
– Aggregator: https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/schemas/aggregator_json_schema.json
– CSAF: https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/schemas/csaf_json_schema.json
– Provider: https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/schemas/provider_json_schema.json

The changes since the previous publication are marked in:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02-DIFF.pdf

Distribution ZIP file

For your convenience, OASIS provides a complete package of the prose specification and related files in a ZIP distribution file. You can download the ZIP file here:
https://docs.oasis-open.org/csaf/csaf/v2.0/cs02/csaf-v2.0-cs02.zip

Members of the CSAF TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references

[1] OASIS Common Security Advisory Framework (CSAF) TC
https://www.oasis-open.org/committees/csaf/

[2] Public reviews:
Details of the previous public reviews are listed in:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-public-review-metadata.html
Comment resolution log for most recent public review:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-comment-resolution-log.md
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-comment-resolution-log.pdf

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3711

Invitation to comment on Electronic Court Filing v5.01 and ECF Web Services SIP v5.01

We are pleased to announce that Electronic Court Filing Version 5.01 and Electronic Court Filing Web Services Service Interaction Profile Version 5.01 from the LegalXML Electronic Court Filing TC [1] are now available for public review and comment. This is the first public review for Version 5.01 of these specifications.

ECF defines a technical architecture and a set of components, operations and message structures for an electronic court filing system, and sets forth rules governing its implementation.

Electronic Court Filing Version 5.01 (ECF v5.01) consists of a set of non-proprietary XML and Web Services specifications developed to promote interoperability among electronic court filing vendors and systems. ECF v5.01 is a minor release that adds new functionality and capabilities beyond the scope of the ECF 5,0, 4.0 and 4.01 specifications that it supersedes.

Electronic Court Filing Web Services Service Interaction Profile defines a Service Interaction Profile, as defined in section 7 of the ECF v5.01 specification. The Web Services Service Interaction Profile may be used to transmit ECF 5.01 messages between Internet-connected systems.

The documents and related files are available here:

Electronic Court Filing Version 5.01
Committee Specification Draft 01
23 May 2022

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/ecf-v5.01-csd01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/ecf-v5.01-csd01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/ecf-v5.01-csd01.pdf
XML schemas and Genericode code lists:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/schema/
XML example messages:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/examples/
Model and documentation:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/model/
UML model artifacts:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/uml/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/ecf-v5.01-csd01.zip
Public review metadata record:
https://docs.oasis-open.org/legalxml-courtfiling/ecf/v5.01/csd01/ecf-v5.01-csd01-public-review-metadata.html
************************

Electronic Court Filing Web Services Service Interaction Profile Version 5.01
Committee Specification Draft 01
31 May 2022

Editable source (Authoritative):
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/ecf-webservices-v5.01-csd01.docx
HTML:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/ecf-webservices-v5.01-csd01.html
PDF:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/ecf-webservices-v5.01-csd01.pdf
WSDL schemas:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/schema/
XML WSDL examples:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/examples/
Complete package in ZIP file:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/ecf-webservices-v5.01-csd01.zip
Public review metadata record:
https://docs.oasis-open.org/legalxml-courtfiling/ecf-webservices/v5.01/csd01/ecf-webservices-v5.01-csd01-public-review-metadata.html
***************************

How to Provide Feedback

OASIS and the LegalXML Electronic Court Filing TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public reviews start 17 June 2022 at 00:00 UTC and end 16 July 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=legalxml-courtfiling).

Comments should clearly identify which of these two specifications they address.

Feedback submitted by TC non-members for these works and for other work of this TC is publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/legalxml-courtfiling-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [2] applicable especially [3] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about this specification and the ECF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/legalxml-courtfiling/

Additional references


[1] OASIS LegalXML Electronic Court Filing TC
https://www.oasis-open.org/committees/legalxml-courtfiling/
[2] https://www.oasis-open.org/policies-guidelines/ipr/
[3] https://www.oasis-open.org/committees/legalxml-courtfiling/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

OSLC Configuration Management v1.0 Project Specification 01 approved by the OSLC Open Project

OASIS is pleased to announce that OSLC Configuration Management Version 1.0 from the Open Services for Lifecycle Collaboration Open Project [1] has been approved as an OASIS Project Specification.

Managing change and configuration in a complex systems development lifecycle is very difficult, especially in heterogeneous environments that include homegrown tools, open source projects, and commercial tools from different vendors. The OSLC initiative applies World Wide Web and Linked Data principles to enable interoperation of change, configuration, and asset management processes across a product’s entire application and product lifecycle.

OSLC Configuration Management defines an RDF vocabulary and a set of REST APIs for managing versions and configurations of linked data resources from multiple domains.

This Project Specification is an OASIS deliverable, completed and approved by the OP’s Project Governing Board and fully ready for testing and implementation. The applicable open source licenses can be found in the project’s administrative repository at https://github.com/oslc-op/oslc-admin/blob/master/LICENSE.md.

The specification and related files are available at:

OSLC Configuration Management Version 1.0
Project Specification 01
30 May 2022

– OSLC Configuration Management Version 1.0. Part 1: Overview
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/oslc-config-mgt.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/oslc-config-mgt.pdf

– OSLC Configuration Management Version 1.0. Part 2: Versioned Resources
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/versioned-resources.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/versioned-resources.pdf

– OSLC Configuration Management Version 1.0. Part 3: Configuration Specification
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-resources.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-resources.pdf

– OSLC Configuration Management Version 1.0. Part 4: RDF Vocabulary
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-vocab.html
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-vocab.pdf

– OSLC Configuration Management machine readable “turtle” files:
Vocabulary Terms: https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-vocab.ttl
Vocabulary Constraints: https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-shapes.ttl

Distribution ZIP file

For your convenience, OASIS provides a complete package of the specification and related files in a ZIP distribution file. You can download the ZIP file at:
https://docs.oasis-open-projects.org/oslc-op/config/v1.0/ps01/config-v1.0-ps01.zip

Members of the OSLC OP Project Governing Board approved this specification by Special Majority Vote [2] as required by the Open Project rules [3].

Our congratulations to the participants and contributors in the Open Services for Lifecycle Collaboration Open Project on their achieving this milestone.

Additional references

[1] Open Services for Lifecycle Collaboration Open Project
https://open-services.net/

[2] Approval ballot:
– https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/239

[3] https://www.oasis-open.org/policies-guidelines/open-projects-process

OSLC PROMCODE v1.0 Errata 01 from the OSLC PROMCODE TC approved

We are pleased to announce that OSLC PROMCODE v1.0 Errata 01 from the OSLC PROMCODE TC is now an Approved Errata.

This document lists errata for the OASIS Standard “OSLC PROMCODE Version 1.0.” As described in the document, there are no changes to the published textual documents of the OASIS Standard (Part 1: Specification, Part 2: Vocabulary, and Part 3: Constraints). Changes have been made only to the two machine-readable “turtle” files (promcode-vocab.ttl and promcode-shapes.ttl). As required by OASIS policy, these are not Material Changes. The modified “turtle” files are included in this publication.

OSLC PROMCODE Version 1.0 defines the overall approach to PROMCODE (PROject Management of COntracted DElivery) based on the Open Services for Lifecycle Collaboration (OSLC) Core 3.0 [OSLCCore3] Specification.

The documents and related files are available here:

OSLC PROMCODE Version 1.0 Errata 01
Approved Errata
03 June 2022

HTML:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/os/promcode-v1.0-errata01-os.html (Authoritative)
PDF:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/os/promcode-v1.0-errata01-os.pdf

Machine-readable files
Vocabulary terms: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/os/promcode-vocab.ttl
Constraints: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/os/promcode-shapes.ttl

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/os/promcode-v1.0-errata01-os.zip

Members of the OSLC PROMCODE TC approved Errata 01 by Full Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as Approved Errata passed [3], and the document is now available online in the OASIS Library as referenced above.

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional information about the specification and the OSLC PROMCODE TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/oslc-promcode/

Additional references

[1] OASIS OSLC Lifecycle Integration for Project Management of Contracted Delivery (OSLC PROMCODE) TC
https://www.oasis-open.org/committees/oslc-promcode/

[2] Public review:
* 15-day public review began 19 May 2022
Announcement email: https://lists.oasis-open.org/archives/members/202205/msg00004.html
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01-public-review-metadata.html

[3] Meeting minutes:
https://wiki.oasis-open.org/oslc-promcode/telecon%20June%203%2C%202022

Emerging Compute Models: Recommendations and Sample Profile v1.0 published by TOSCA TC

OASIS is pleased to announce publication of “Emerging Compute Models: Recommendations and Sample Profile Version 1.0,” a Committee Note from the members of the OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) TC [1].

This document discusses use-cases for TOSCA in the scope of emergent compute models such as function-as-a-service (FaaS) computing, internet-of-things/edge computing, and high-performance computing (HPC).

  • Emergent compute models reflect the adoption of one or more hybrid forms of cloud computing, thereby embedding at least two combinations of compute models such as (a) function-as-a-service (FaaS) computing; (b) internet-of-things/edge computing; (c) high-performance computing (HPC). In the scope of the Emergent Compute ad-Hoc (ECAH), we explored the aforementioned compute models with the key objectives of exploring and/or prototyping TOSCA-based constructs and patterns for (1) serverless and FaaS-computing orchestration; (2) edge-computing and edge-based data pipelines orchestration; (3) high-performance computing orchestration. In the scope of the aforementioned activities, this deliverable offers details over:
  • A series of use-cases for TOSCA usage in the scope of any of the aforementioned emergent compute models;
  • Best practices and tools for the use of TOSCA;
  • A working profile example to the TOSCA Language which supports Emergent Compute Paradigms (e.g., FaaS);
  • A set of recommended extensions w.r.t. features enrichment of the current TOSCA notation, e.g., policies or trusted data-sharing and orchestration in such an ambient.

The Committee Note is available here:

Emerging Compute Models: Recommendations and Sample Profile Version 1.0
Committee Note 01
28 April 2022

Editable source (Authoritative):
https://docs.oasis-open.org/tosca/ECAH-rec/v1.0/cn01/ECAH-rec-v1.0-cn01.docx

HTML:
https://docs.oasis-open.org/tosca/ECAH-rec/v1.0/cn01/ECAH-rec-v1.0-cn01.html

PDF:
https://docs.oasis-open.org/tosca/ECAH-rec/v1.0/cn01/ECAH-rec-v1.0-cn01.pdf

For your convenience, OASIS provides a complete package of the Committee Note that you can download here:
https://docs.oasis-open.org/tosca/ECAH-rec/v1.0/cn01/ECAH-rec-v1.0-cn01.zip

Members of the TOSCA TC approved this Committee Note by a Full Majority vote on 28 April 2022 as documented in the TC minutes [2].

Our congratulations to all the members of the TC.

Additional references

[1] OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA) TC
https://www.oasis-open.org/committees/tosca/

[2] Approval
https://www.oasis-open.org/committees/download.php/69887

Five Project Notes published by OSLC Open Project

OASIS is pleased to announce the publication of five new Project Notes from the members of the OASIS Open Services for Lifecycle Collaboration (OSLC) OP [1].

OSLC Core Version 3.0: Link Guidance
In this informative note we offer advice to OSLC Technical Committees on modeling links and relationships between OSLC resources.

Configuration Management 1.0 Primer
This primer serves as a guide to the concepts in “OSLC Configuration Management Version 1.0”, and through the use of simple examples, explains how versioning and configurations are represented, how and when local configurations and global configurations are used, and lists the elements that an implementation should consider.

Summary of changes in OSLC Core 3.0
This note will serve as a guide for existing OSLC 2.0 users to learn what’s new in “OSLC Core Version 3.0” and navigate around the changes in the specifications.

OSLC Tracked Resource Set Guidance
This document contains preliminary material for a tutorial for “OSLC Tracked Resource Set Version 3.0.”

Tracked Resource Set 1.0 Primer
This primer serves as a guide to the concepts in “OSLC Tracked Resource Set Version 3.0,” and through the use of simple examples, explains how a data provider might expose resources in a TRS and how a TRS client might consume a data provider’s TRS.

The Project Notes are available here:

Configuration Management Primer Version 1.0
Project Note 01
16 December 2021

https://docs.oasis-open-projects.org/oslc-op/config-primer/v1.0/pn01/config-primer.html
https://docs.oasis-open-projects.org/oslc-op/config-primer/v1.0/pn01/config-primer.pdf
***************************************

OSLC Core v3.0 Changes Version 1.0
Project Note 01
16 December 2021

https://docs.oasis-open-projects.org/oslc-op/core-3.0-changes/v1.0/pn01/core-3.0-changes.html
https://docs.oasis-open-projects.org/oslc-op/core-3.0-changes/v1.0/pn01/core-3.0-changes.pdf
***************************************

OSLC Core Version 3.0: Link Guidance Version 1.0
Project Note 01
16 December 2021

https://docs.oasis-open-projects.org/oslc-op/link-guidance/v1.0/pn01/link-guidance.html
https://docs.oasis-open-projects.org/oslc-op/link-guidance/v1.0/pn01/link-guidance.pdf
***************************************

OSLC Tracked Resource Set Guidance Version 1.0
Project Note 01
16 December 2021

https://docs.oasis-open-projects.org/oslc-op/trs-guidance/v1.0/pn01/trs-guidance.html
https://docs.oasis-open-projects.org/oslc-op/trs-guidance/v1.0/pn01/trs-guidance.pdf
***************************************

Tracked Resource Set Primer Version 1.0
Project Note 01
16 December 2021

https://docs.oasis-open-projects.org/oslc-op/trs-primer/v1.0/pn01/trs-primer.html
https://docs.oasis-open-projects.org/oslc-op/trs-primer/v1.0/pn01/trs-primer.pdf
***************************************

The Project Governing Board of the OSLC OP approved these Project Notes on 16 December 2021 as documented in the OP ballot [2].

Our congratulations to all the members of the OP.

Additional references

[1] OASIS Open Services for Lifecycle Collaboration (OSLC) OP
https://open-services.net/about/

[2] Approval
https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/210

Invitation to comment on OSLC PROMCODE v1.0 Errata 01

OASIS and the OASIS OSLC Lifecycle Integration for Project Management of Contracted Delivery (OSLC PROMCODE) TC are pleased to announce that OSLC PROMCODE v1.0 Errata 01 is now available for public review and comment.

This document lists errata for the OASIS Standard “OSLC PROMCODE Version 1.0.” As described in the document, there are no changes to the published textual documents of the OASIS Standard (Part 1: Specification, Part 2: Vocabulary, and Part 3: Constraints). Changes have been made only to the two machine-readable “turtle” files (promcode-vocab.ttl and promcode-shapes.ttl). The modified “turtle” files are included in this publication.

The documents and related files are available here:

OSLC PROMCODE Version 1.0 Errata 01
Committee Specification Draft 01
13 May 2022

HTML:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01.html (Authoritative)
PDF:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01.pdf

Machine-readable files
Vocabulary terms: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-vocab.ttl
Constraints: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-shapes.ttl

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01.zip

How to Provide Feedback

OASIS and the OSLC PROMCODE TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

This 15-day public review starts 19 May 2022 at 00:00 UTC and ends 02 June 2022 at 23:59 UTC.

Additional information about this review and any previous public reviews is published with the specification documents at:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01-public-review-metadata.html

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=oslc-promcode).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/oslc-promcode-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the OSLC PROMCODE TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/oslc-promcode/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/oslc-promcode/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

Invitation to comment on Secure QR Code Authentication v1.0

OASIS and the OASIS Electronic Secure Authentication (ESAT) TC are pleased to announce that Secure QR Code Authentication Version 1.0 is now available for public review and comment. This is the first public review for this draft specification.

Specification Overview

This document describes the use of QR Codes and a mobile phone as a replacement for a username and password in user login authentication. An alternative to passwords that includes QR Codes is described, and typical use cases are described. This document also provides an overview and context for using QR Codes for security purposes.

In addition, this document specifies a “Secure QR Code Authentication Protocol” (SQRAP) and assesses the related security threats and risks.

The documents and related files are available here:

Secure QR Code Authentication Version 1.0
Committee Specification Draft 01
25 April 2022

Editable source (Authoritative):
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.docx
HTML:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.html
PDF:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01-public-review-metadata.html

How to Provide Feedback

OASIS and the OASIS Electronic Secure Authentication (ESAT) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 12 May 2022 at 00:00 UTC and ends 10 June 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=esat).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/esat-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the esat TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/esat/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/esat/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

Invitation to comment on Virtual I/O Device (VIRTIO) Version 1.2

OASIS and the OASIS Virtual I/O Device (VIRTIO) TC are pleased to announce that Virtual I/O Device (VIRTIO) Version 1.2 is now available for public review and comment.

Specification Overview

VIRTIO v1.2 is the largest ever release of the ‘virtio’ specification, with 9 new device types as well as significant new functionality in existing devices, and addressing comments by more than 45 individuals from more than 15 organizations. This specification is fully compatible with the previous version, VIRTIO v1.1.

This document describes the specifications of the ‘virtio’ family of devices. These devices are found in virtual environments, yet by design they look like physical devices to the guest within the virtual machine – and this document treats them as such. This similarity allows the guest to use standard drivers and discovery mechanisms. The purpose of virtio and this specification is that virtual environments and guests should have a straightforward, efficient, standard and extensible mechanism for virtual devices, rather than boutique per-environment or per-OS mechanisms.

The documents and related files are available here:

Virtual I/O Device (VIRTIO) Version 1.2
Committee Specification Draft 01
09 May 2022

Editable source (Authoritative):
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/tex/
HTML:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.html
PDF:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.pdf
Example driver listing:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/listings/
PDF file marked to indicate changes from Version 1.1 Committee Specification 01:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01-diff-from-v1.1-cs01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01-public-review-metadata.html

How to Provide Feedback

OASIS and the OASIS Virtual I/O Device (VIRTIO) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 10 May 2022 at 00:00 UTC and ends 08 June 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=virtio).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/virtio-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the VIRTIO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/virtio/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://github.com/oasis-tcs/virtio-admin/blob/master/IPR.md
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

Invitation to comment on Energy Interoperation Common Transactive Services (CTS) v1.0

OASIS and the OASIS Energy Interoperation TC are pleased to announce that Energy Interoperation Common Transactive Services (CTS) v1.0 is now available for public review and comment. This is the second public review of this draft specification.

Common Transactive Services (CTS) permits energy consumers and producers to interact through energy markets by simplifying actor interaction with any market. CTS is a streamlined and simplified profile of the OASIS Energy Interoperation (EI) specification, which describes an information and communication model to coordinate the exchange of energy between any two Parties that consume or supply energy, such as energy suppliers and customers, markets and service providers.

The documents and related files are available here:

Energy Interoperation Common Transactive Services (CTS) Version 1.0
Committee Specification Draft 02
28 April 2022

PDF (Authoritative):
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.pdf
Editable source:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.docx
HTML:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.html
PDF marked with changes since previous publication:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02-DIFF.pdf
Comment resolution log for previous public review:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd01/ei-cts-v1.0-csd01-comment-resolution-log.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02-public-review-metadata.html

How to Provide Feedback

OASIS and the Energy Interoperation TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 30 April 2022 at 00:00 UTC and ends 01 June 2022 at 23:59 UTC.

The TC requests that comments should cite the line numbers from the PDF formatted version for clarity.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=energyinterop).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/energyinterop-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the Energy Interoperation TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/energyinterop/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/energyinterop/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

Invitation to comment on Common Security Advisory Framework v2.0

OASIS and the OASIS Common Security Advisory Framework (CSAF) TC are pleased to announce that Common Security Advisory Framework Version 2.0 is now available for public review and comment. This 15-day review is the second public review for this draft specification.

The Common Security Advisory Framework (CSAF) Version 2.0 is the definitive reference for the CSAF language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.

The OASIS CSAF Technical Committee is chartered to make a major revision to the widely-adopted Common Vulnerability Reporting Framework (CVRF) specification, originally developed by the Industry Consortium for Advancement of Security on the Internet (ICASI). ICASI has contributed CVRF to the TC. The revision is being developed under the name Common Security Advisory Framework (CSAF). TC deliverables are designed to standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.

The documents and related files are available here:

Common Security Advisory Framework Version 2.0
Committee Specification Draft 02
30 March 2022

Editable source (Authoritative):
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.md

HTML:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.html

PDF:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.pdf

PDF marked with changes since previous publication:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-DIFF.pdf

JSON schemas:
Aggregator JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/schemas/aggregator_json_schema.json
CSAF JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/schemas/csaf_json_schema.json
Provider JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/schemas/provider_json_schema.json

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.zip

A public review announcement metadata record [3] is published along with the specification files.

How to Provide Feedback

OASIS and the CSAF TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 15 April 2022 at 00:00 UTC and ends 29 April 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=csaf).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/csaf-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CSAF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/csaf/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/csaf/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode

[3] Public review announcement metadata:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-public-review-metadata.html

Code List Representation (genericode) v1.0 approved as a Committee Specification

OASIS is pleased to announce the approval and publication of an updated Committee Specification by the members of the OASIS Code List Representation TC [1]:

Code List Representation (genericode) Version 1.0
Committee Specification 02
06 April 2022

Overview

Code lists can be defined as controlled vocabularies or coded value enumerations. Examples of standardized code lists include country abbreviations, currency abbreviations, shipping container descriptors, and airport codes. Examples of non-standardized code lists used between trading partners include financial account types, workflow status indicators, and any set of values representing the semantics of related concepts known between the parties involved in information interchange. Code lists have been used for many years, and they have often been published and disseminated in manners that have not been IT-enabled for ease of computer processing.

The Code List Representation format, known as genericode, is a single semantic model of code lists and accompanying XML serialization (supported by a W3C XML Schema) that can encode a broad range of code list information. The serialization is designed to IT-enable the interchange or distribution of machine-readable code list information between systems. Note that genericode is not designed as a run-time format for accessing code list information, and is not optimized for such usage. Rather, it is designed as an interchange format that can be transformed into formats suitable for run-time usage, or loaded into systems that perform run-time processing using code list information.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The documents and related files are available here:

Editable source (Authoritative):
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.xml
HTML:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.html
PDF:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.pdf
PDF marked with changes since previous public review:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02-DIFF.pdf

JSON examples:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/json-example/
Schematron constraints:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/sch/
XML examples:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/xml/
XML constraints:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/xsd/
JSON translation in XSLT:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/xslt/

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.zip

Members of the OASIS Code List Representation TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

This Committee Specification 02 incorporates changes since the previous public review [4].

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references

[1] OASIS Code List Representation TC
https://www.oasis-open.org/committees/codelist/

[2] Details of public review:
https://docs.oasis-open.org/codelist/genericode/v1.0/csd04/genericode-v1.0-csd04-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3692

[4] Committee Specification Draft 04, 16 October 2021
https://lists.oasis-open.org/archives/members/202111/msg00002.html
– Change description:
https://docs.oasis-open.org/codelist/genericode/v1.0/csd04/genericode-v1.0-csd04-comment-resolution-log.xlsx
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02-DIFF.pdf

No results with the selected filters