OASIS Open: Committees

Approve submitting STIX v2.1 and TAXII v2.1 as candidates for OASIS Standard

Please make 2 selections below to indicate whether you approve or disapprove the respective Committee Specifications being advanced as candidate OASIS Standards

STIX Version 2.1 CS02 [1] was approved as a Committee Specification on 25 January 2021. The TC received 3 Statements of Use from Accenture Security, Fujitsu, and New Context [2].

TAXII Version 2.1 CS01 [3] was approved as a Committee Specification on 27 January 2021. The TC received 5 Statements of Use from Fujitsu, Celerium, LookingGlass Cyber Solutions, Cyware Labs, and FreeTAXII [4].

Do you approve submitting one or both of these Committee Specifications to the OASIS membership for consideration as candidates for OASIS Standard?

Approving this ballot will result in a 60-day public review after which, if no comments are received, the CSs will be submitted to a membership-wide call for consent. If comments are received, the TC will be asked to vote by Special Majority Ballot on whether to continue to the membership vote. This is explained in TC Process section 3.4.2, Public Review of a Candidate OASIS Standard [5].

This ballot requires a Special Majority Vote [6]. The TC roster currently lists 48 voting members. In order to pass, each CS must get at least 32 (2/3 x 48) positive votes and no more than 12 (1/4 x 48) negative votes.

[1] STIX Version 2.1 CS02:
http://docs.oasis-open.org/cti/stix/v2.1/cs02/stix-v2.1-cs02.html

[2] Links to Statements of Use

- Accenture Security:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202102/msg00006.html

- Fujitsu:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202102/msg00005.html

- New Context:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202101/msg00027.html

[3] TAXII Version 2.1 CS01:
https://docs.oasis-open.org/cti/taxii/v2.1/cs01/taxii-v2.1-cs01.html

[4] Links to Statements of Use

- Fujitsu:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202102/msg00005.html

- Celerium:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202007/msg00002.html

- LookingGlass Cyber Solutions:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202006/msg00019.html

- Cyware Labs:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202007/msg00033.html

- FreeTAXII:
https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/202101/msg00028.html

[5] http://www.oasis-open.org/policies-guidelines/tc-process#OASISstandard

[6] Special Majority Vote: http://www.oasis-open.org/committees/process-2010-07-28.php#dSpecialMajority

[ ]	STIX Version 2.1 - yes
[ ]	STIX Version 2.1 - no
[ ]	STIX Version 2.1 - abstain
[ ]	TAXII Version 2.1 - yes
[ ]	TAXII Version 2.1 - no
[ ]	TAXII Version 2.1 - abstain

Opening:		Wednesday, 10 February 2021 @ 12:00 am UTC
Closing:		Friday, 19 February 2021 @ 11:59 pm UTC
Group:		OASIS Cyber Threat Intelligence (CTI) TC

Ballot has closed.

Referenced Items
Name	Type	Date	Action
03570: Approve submitting STIX v2.1 and TAXII v2.1 as candidates for OASIS Standard (48K)	Document	2021-02-19	Details

Voting Details

Voting Summary

Options with highest number of votes are bold

Option	# Votes	% of Total
STIX Version 2.1 - yes	44	50%
STIX Version 2.1 - no	0	0%
STIX Version 2.1 - abstain	0	0%
TAXII Version 2.1 - yes	44	50%
TAXII Version 2.1 - no	0	0%
TAXII Version 2.1 - abstain	0	0%

Eligible members who have voted:	44 of 49	90%
Eligible members who have abstained:	0 of 49	0%
Eligible members who have not voted:	5 of 49	10%

Voting Details

Voter	Company	Vote	Reference Document and/or Comment
Patrick Maroney	AT&T	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Robert Coderre	Accenture	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Kyle Maxwell	Accenture	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Robert Keith	Accenture	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Curtis Kostrosky	Accenture	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Dean Thompson	Australia and New Zealand Banking Group (A...	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Trey Darley	CCB/CERT.be	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Mark Davidson	Celerium Inc.	--
Michael Butt	Celerium Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Daniel Dye	Celerium Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Nick Schwane	Celerium Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Andrew Windsor	Cisco Systems	--
Caitlin Huey	Cisco Systems	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Jane Ginn	Cyber Threat Intelligence Network, Inc. (C...	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Bret Jordan	Cyber Threat Intelligence Network, Inc. (C...	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Michael Rosa	DHS Office of Cybersecurity and Communicat...	--
Marlon Taylor	DHS Office of Cybersecurity and Communicat...	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Jackie Eun Park	DHS Office of Cybersecurity and Communicat...	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Paul Patrick	DarkLight, Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Aukjan van Belkum	EclecticIQ	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Chris Ricard	Financial Services Information Sharing and...	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Kunihiko Yoshimura	Fujitsu Limited	--
Ryusuke Masuoka	Fujitsu Limited	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Koji Yamada	Fujitsu Limited	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Toshitaka Satomi	Fujitsu Limited	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Kazuo Noguchi	Hitachi, Ltd.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Jason Keirstead	IBM	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Emily Ratliff	IBM	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Roseann Guttierrez	IBM	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Elysa Jones	Individual	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Richard Brooks	Individual	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Allan Thomson	Individual	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Terry MacDonald	Individual	STIX Version 2.1 - yes TAXII Version 2.1 - yes	It's great to finally get to this point! It's been a long gestation, but the results are worth it.
Beth Pumo	Kaiser Permanente	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Alex Applegate	LookingGlass	--
Richard Piazza	Mitre Corporation	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Emmanuelle Vargas-Gonzalez	Mitre Corporation	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Chris Lenk	Mitre Corporation	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Richard Struse	Mitre Corporation	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Danny Haynes	Mitre Corporation	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Andrew Storms	New Context Services, Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
John-Mark Gurney	New Context Services, Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Christian Hunt	New Context Services, Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Drew Varner	NineFX, Inc.	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Stephan Relitz	Northrop Grumman	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Georges Bossert	SEKOIA	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Marco Caselli	Siemens AG	STIX Version 2.1 - yes TAXII Version 2.1 - yes
David Girard	Trend Micro	STIX Version 2.1 - yes TAXII Version 2.1 - yes
Jeffrey Mates	US Department of Defense (DoD)	STIX Version 2.1 - yes TAXII Version 2.1 - yes