[scap_interest] CYBEX reference documents - deliverables for the ITU-T December meeting

Tony Rutkowski <tony@yaanatech.com> Mon, 08 November 2010 16:41 UTC

Return-Path: <tony@yaanatech.com>
X-Original-To: scap_interest@core3.amsl.com
Delivered-To: scap_interest@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 6041E3A67F1 for <scap_interest@core3.amsl.com>; Mon, 8 Nov 2010 08:41:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id 5wvxzWHaWNmM for <scap_interest@core3.amsl.com>; Mon, 8 Nov 2010 08:41:53 -0800 (PST)
Received: from webmail.yaanatech.com (server1.yaanatech.com []) by core3.amsl.com (Postfix) with ESMTP id 133D33A67EE for <scap_interest@ietf.org>; Mon, 8 Nov 2010 08:41:50 -0800 (PST)
Received: from [] (pool-71-171-109-164.clppva.fios.verizon.net []) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by webmail.yaanatech.com (Postfix) with ESMTP id E20211C7828D; Mon, 8 Nov 2010 08:41:55 -0800 (PST)
Message-ID: <4CD82850.4060503@yaanatech.com>
Date: Mon, 08 Nov 2010 11:41:52 -0500
From: Tony Rutkowski <tony@yaanatech.com>
Organization: Yaana Technologies
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv: Gecko/20101028 Lanikai/3.1.6
MIME-Version: 1.0
To: scap_interest@ietf.org
Content-Type: multipart/mixed; boundary="------------090702060705010805020702"
Cc: "sob@harvard.edu" <sob@harvard.edu>
Subject: [scap_interest] CYBEX reference documents - deliverables for the ITU-T December meeting
X-BeenThere: scap_interest@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: tony@yaanatech.com
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <scap_interest.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scap_interest>
List-Post: <mailto:scap_interest@ietf.org>
List-Help: <mailto:scap_interest-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Nov 2010 16:41:54 -0000

Dear all,

Please find attached the initial CYBEX
deliverables for review and requested
adoption at the ITU-T SG17 meeting in four
weeks in Geneva.  Following a rapid global
polling process that includes every ITU
country in the world and their industries,
these will become adopted Recommendations
in April, translated into Arabic, Chinese,
French, Spanish, & Russian languages, and
made available with a persistent URL and
downloadable for free from a trusted EVcert
identified host.  Going forward, the
provisions will be evolved as necessary
to remain current and synced with the
respective user communities.

This ensemble includes the basic CYBEX framework
(X.1500) and two key initial capability
specifications for CVE (X.1520) and CVSS
(X.1521).  Also provided are the report
of the continuing management group for
the effort known as the CYBEX Correspondence
Group, and the roadmap/workplan for 2011-2012.

This is a landmark of sorts, that represents
the considerable effort over the past 18 months
and combined vision by a great many people
from around the globe - especially the
specification source communities.  Some are
at the Beijing scap_interest BOF.

The IETF activity for security tool automation
implementations is one of many such initiatives
now occurring in diverse standards bodies.  We
all gain by our constant collaboration in these
efforts, and look forward to doing so as the
IETF moves forward, and will do everything possible
to share our work and provide involvement.  The
ITU's recent action to provide low-cost membership
to academic institutions will also be helpful in
promoting openness and direct access.

best regards,
tony  (ITU-T Q.4/17 - Cybersecurity - Rapporteur)