OASIS Open

Common Security Advisory Framework Version 2.0 [1] was approved as a Committee Specification on 01 August 2022. The TC has received three Statements of Use from Oracle Corporation, TIBCO Software Inc., and Federal Office for Information Security (BSI) Germany [2]. Do you now approve submitting Common Security Advisory Framework Version 2.0 Committee Specification 03 to the OASIS membership for consideration as a Candidate OASIS Standard? Approving this ballot will result in a 60-day public review after which, if no comments are received, the COS will be submitted to a membership-wide ballot. If comments are received, the TC will be asked to vote by Special Majority Ballot on whether to continue to the membership vote. This is explained in TC Process section 2.8.2, Public Review of a Candidate OASIS Standard [3]. This ballot requires a Special Majority Vote [4]. The TC roster currently lists 15 voting members. In order to pass, at least 10 (2/3 x 15) members have to vote Yes and no more than 3 (1/4 x 15) members may vote No. [1] URI to the Committee Specification: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.html [2] Links to Statements of Use Oracle Corporation: https://lists.oasis-open.org/archives/csaf/202208/msg00002.html TIBCO Software Inc.: https://lists.oasis-open.org/archives/csaf/202208/msg00000.html Federal Office for Information Security (BSI) Germany: https://lists.oasis-open.org/archives/csaf/202207/msg00024.html [3] https://www.oasis-open.org/policies-guidelines/tc-process-2017-05-26/#OSpublicRev [4] Special Majority Vote: https://www.oasis-open.org/policies-guidelines/oasis-defined-terms-2018-05-22/#dSpecialMajority

CS03: Common Security Advisory Framework Version 2.0 Committee Specification 03 01 August 2022 https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.md https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.html https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/csaf-v2.0-cs03.pdf JSON schemas: Aggregator: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/schemas/aggregator_json_schema.json CSAF: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/schemas/csaf_json_schema.json Provider: https://docs.oasis-open.org/csaf/csaf/v2.0/cs03/schemas/provider_json_schema.json