From b31b0a24ad59e4e3346f7cc831770daee14b9d9d Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:30:35 -0400 Subject: [PATCH 01/18] Create new appendix structure --- open-impl-https.md | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/open-impl-https.md b/open-impl-https.md index 22fd9aa..cfa84e0 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -642,4 +642,26 @@ The following individuals are acknowledged for providing comments, suggested tex | v1.0-wd03-wip | 3/27/2019 | Lemire | Resolution of issues from public review 1. | | v1.0-wd03-wip | 3/28/2019 | Lemire | Incremented WD version number to 05 prior to CSD ballot to eliminate ambiguity. | | v1.0-wd06-wip | 5/14/2019 | Lemire | Resolution of issues from public review 2 and adjustments for consistency across the suite of specifications. | -| v1.1-wdxx-wip | x/x/2020 | Lemire | Minor corrections and changes from January 2020 Plug Fest experience | \ No newline at end of file +| v1.1-wdxx-wip | x/x/2020 | Lemire | Minor corrections and changes from January 2020 Plug Fest experience | + + + +# Appendix A. References + +## A.1 Normative References + +## A.2 Informative References + +# Appendix B. Safety, SEcurity and Privacy Considerations + +# Appendix C. Acknowledgements + +## C.1 Special Thanks + +## C.2 Participants + +# Appendix D. Revision History + +# Appendix E. Examples + +# Appendix F. Notices \ No newline at end of file From 440c26c8dc50dd4f05a9a9a57b2e943555cad98f Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:31:45 -0400 Subject: [PATCH 02/18] Move normative references --- open-impl-https.md | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index cfa84e0..ad00ec1 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -148,28 +148,6 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S A list of acronyms is provided in [Annex A](#annex-a-acronyms). -## 1.3 Normative References -###### [RFC2119] -Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <[http://www.rfc-editor.org/info/rfc2119](http://www.rfc-editor.org/info/rfc2119)>. -###### [RFC2818] -Rescorla, E., "HTTP Over TLS", RFC 2818, DOI 10.17487/RFC2818, May 2000, <[https://www.rfc-editor.org/info/rfc2818](https://www.rfc-editor.org/info/rfc2818)>. -###### [RFC5246] -Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, DOI 10.17487/RFC5246, August 2008, <[https://www.rfc-editor.org/info/rfc5246](https://www.rfc-editor.org/info/rfc5246)>. -###### [RFC7230] -Fielding, R., Ed., and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", RFC 7230, DOI 10.17487/RFC7230, June 2014, . -###### [RFC7231] -Fielding, R., Ed., and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content", RFC 7231, DOI 10.17487/RFC7231, June 2014, . -###### [RFC7235] -Fielding, R., Ed., and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Authentication", RFC 7235, DOI 10.17487/RFC7235, June 2014, . -###### [RFC7540] -Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext Transfer Protocol Version 2 (HTTP/2)", RFC 7540, DOI 10.17487/RFC7540, May 2015, . -###### [RFC8174] -Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <[http://www.rfc-editor.org/info/rfc8174](http://www.rfc-editor.org/info/rfc8174)>. -###### [RFC8446] -Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, <[http://www.rfc-editor.org/info/rfc8446](http://www.rfc-editor.org/info/rfc8446)> -###### [OpenC2-Lang-v1.0] -_Open Command and Control (OpenC2) Language Specification Version 1.0_. Edited by Jason Romano and Duncan Sparrell. Latest version: http://docs.oasis-open.org/openc2/oc2ls/v1.0/oc2ls-v1.0.html. - ## 1.4 Non-Normative References ###### [RFC3205] Moore, K., "On the use of HTTP as a Substrate", BCP 56, RFC 3205, DOI 10.17487/RFC3205, February 2002, . @@ -650,6 +628,28 @@ The following individuals are acknowledged for providing comments, suggested tex ## A.1 Normative References +###### [RFC2119] +Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <[http://www.rfc-editor.org/info/rfc2119](http://www.rfc-editor.org/info/rfc2119)>. +###### [RFC2818] +Rescorla, E., "HTTP Over TLS", RFC 2818, DOI 10.17487/RFC2818, May 2000, <[https://www.rfc-editor.org/info/rfc2818](https://www.rfc-editor.org/info/rfc2818)>. +###### [RFC5246] +Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, DOI 10.17487/RFC5246, August 2008, <[https://www.rfc-editor.org/info/rfc5246](https://www.rfc-editor.org/info/rfc5246)>. +###### [RFC7230] +Fielding, R., Ed., and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", RFC 7230, DOI 10.17487/RFC7230, June 2014, . +###### [RFC7231] +Fielding, R., Ed., and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content", RFC 7231, DOI 10.17487/RFC7231, June 2014, . +###### [RFC7235] +Fielding, R., Ed., and J. Reschke, Ed., "Hypertext Transfer Protocol (HTTP/1.1): Authentication", RFC 7235, DOI 10.17487/RFC7235, June 2014, . +###### [RFC7540] +Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext Transfer Protocol Version 2 (HTTP/2)", RFC 7540, DOI 10.17487/RFC7540, May 2015, . +###### [RFC8174] +Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <[http://www.rfc-editor.org/info/rfc8174](http://www.rfc-editor.org/info/rfc8174)>. +###### [RFC8446] +Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, <[http://www.rfc-editor.org/info/rfc8446](http://www.rfc-editor.org/info/rfc8446)> +###### [OpenC2-Lang-v1.0] +_Open Command and Control (OpenC2) Language Specification Version 1.0_. Edited by Jason Romano and Duncan Sparrell. Latest version: http://docs.oasis-open.org/openc2/oc2ls/v1.0/oc2ls-v1.0.html. + + ## A.2 Informative References # Appendix B. Safety, SEcurity and Privacy Considerations From 68577cae77df4b0e91943a12bee07187222247a7 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:32:27 -0400 Subject: [PATCH 03/18] move informative references --- open-impl-https.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index ad00ec1..e53bc4d 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -148,18 +148,6 @@ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "S A list of acronyms is provided in [Annex A](#annex-a-acronyms). -## 1.4 Non-Normative References -###### [RFC3205] -Moore, K., "On the use of HTTP as a Substrate", BCP 56, RFC 3205, DOI 10.17487/RFC3205, February 2002, . -###### [RFC7525] -Sheffer, Y., Holz, R., and P. Saint-Andre, "Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 2015, . -###### [RFC8259] -Bray, T., ed., "The JavaScript Object Notation (JSON) Data Interchange Format", STD 90, RFC 8259, DOI 10.17487/RFC8259, December 2017, http://www.rfc-editor.org/info/rfc8259 -###### [SLPF] -_Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0_. Edited by Joe Brule, Duncan Sparrell and Alex Everett. Latest version: http://docs.oasis-open.org/openc2/oc2slpf/v1.0/oc2slpf-v1.0.html -###### [IACD] -M. J. Herring, K. D. Willett, "Active Cyber Defense: A Vision for Real-Time Cyber Defense," Journal of Information Warfare, vol. 13, Issue 2, p. 80, April 2014..

Willett, Keith D., "Integrated Adaptive Cyberspace Defense: Secure Orchestration", International Command and Control Research and Technology Symposium, June 2015 . - ## 1.5 Document Conventions ### 1.5.1 Naming Conventions * [[RFC2119]](#rfc2119)/[[RFC8174]](#rfc8174) key words (see [Section 1.2](#12-terminology)) are in all uppercase. @@ -652,6 +640,18 @@ _Open Command and Control (OpenC2) Language Specification Version 1.0_. Edited b ## A.2 Informative References +###### [RFC3205] +Moore, K., "On the use of HTTP as a Substrate", BCP 56, RFC 3205, DOI 10.17487/RFC3205, February 2002, . +###### [RFC7525] +Sheffer, Y., Holz, R., and P. Saint-Andre, "Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 2015, . +###### [RFC8259] +Bray, T., ed., "The JavaScript Object Notation (JSON) Data Interchange Format", STD 90, RFC 8259, DOI 10.17487/RFC8259, December 2017, http://www.rfc-editor.org/info/rfc8259 +###### [SLPF] +_Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0_. Edited by Joe Brule, Duncan Sparrell and Alex Everett. Latest version: http://docs.oasis-open.org/openc2/oc2slpf/v1.0/oc2slpf-v1.0.html +###### [IACD] +M. J. Herring, K. D. Willett, "Active Cyber Defense: A Vision for Real-Time Cyber Defense," Journal of Information Warfare, vol. 13, Issue 2, p. 80, April 2014..

Willett, Keith D., "Integrated Adaptive Cyberspace Defense: Secure Orchestration", International Command and Control Research and Technology Symposium, June 2015 . + + # Appendix B. Safety, SEcurity and Privacy Considerations # Appendix C. Acknowledgements From 306e975e9e2f856a81211314fd6c987b4b46093d Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:34:08 -0400 Subject: [PATCH 04/18] move acknowldgements --- open-impl-https.md | 96 +++++++++++++++++++++++----------------------- 1 file changed, 49 insertions(+), 47 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index e53bc4d..e98eede 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -539,54 +539,8 @@ Content-type: application/openc2-rsp+json;version=1.0 --- # Annex C. Acknowledgments -The Implementation Considerations Subcommittee was tasked by the OASIS Open Command and Control Technical Committee (OpenC2 TC) which at the time of this submission, had 132 members. The editor wishes to express their gratitude to the members of the OpenC2 TC. - -The editor also thank Jerome Czachor, of Huntington-Ingalls Industries, for assistance with incorporating the new `OpenC2-Message` structure into this specification. - -The following individuals are acknowledged for providing comments, suggested text, and/or participation in CSD ballots or face-to-face meetings: - -* Michelle Barry, AT&T -* Brian Berliner, Symantec -* Joe Brule, National Security Agency -* Trey Darley, New Context Services, Inc. -* David Darnell, Systrends -* Travis Farral, Anomali -* Andy Gray, ForeScout -* John-Mark Gurney, New Context Services, Inc. -* Pavel Gutin, G2, Inc. -* David Hamilton, AT&T -* April Jackson, Praxis Engineering -* Sridhar Jayanthi, Polylogyx LLC -* Bret Jordan, Symantec -* Takahiro Kakumaru, NEC Corporation -* David Kemp, National Security Agency -* Lauri Korts-Pärn, NECAM -* Anthony Librera, AT&T -* Danny Martinez, G2, Inc. -* Lisa Mathews, National Security Agency -* Vasileios Mavroeidis, University of Oslo -* Jim Meck, Fireeye -* Efrain Ortiz, Symantec Corp. -* Daniel Riedel, New Context Services, Inc. -* Nirmal Rajarathnam, ForeScout -* Chris Ricard, FS-ISAC -* Jason Romano, National Security Agency -* Philip Royer, Splunk Inc. -* Duane Skeen, Northrop Grumman -* Duncan Sparrell, sFractal Consulting LLC -* Michael Stair, AT&T -* Andrew Storms, New Context Services, Inc. -* Gerald Stueve, Fornetix -* Allan Thomson, LookingGlass Cyber Solutions -* Bill Trost, AT&T -* Ryan Trost, ThreatQuotient -* Drew Varner, NineFX -* Jason Webb, LookingGlass Cyber Solutions -* Sounil Yu, Bank of America -* David Webber, Huawei - --- # Annex D. Revision History | Revision | Date | Editor | Changes Made | @@ -652,14 +606,62 @@ _Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Versio M. J. Herring, K. D. Willett, "Active Cyber Defense: A Vision for Real-Time Cyber Defense," Journal of Information Warfare, vol. 13, Issue 2, p. 80, April 2014..

Willett, Keith D., "Integrated Adaptive Cyberspace Defense: Secure Orchestration", International Command and Control Research and Technology Symposium, June 2015 . -# Appendix B. Safety, SEcurity and Privacy Considerations +# Appendix B. Safety, Security and Privacy Considerations # Appendix C. Acknowledgements +The Implementation Considerations Subcommittee was tasked by the OASIS Open Command and Control Technical Committee (OpenC2 TC) which at the time of this submission, had 132 members. The editor wishes to express their gratitude to the members of the OpenC2 TC. + ## C.1 Special Thanks + +The editor also thank Jerome Czachor, of Huntington-Ingalls Industries, for assistance with incorporating the new `OpenC2-Message` structure into this specification. + ## C.2 Participants +The following individuals are acknowledged for providing comments, suggested text, and/or participation in CSD ballots or face-to-face meetings: + +* Michelle Barry, AT&T +* Brian Berliner, Symantec +* Joe Brule, National Security Agency +* Trey Darley, New Context Services, Inc. +* David Darnell, Systrends +* Travis Farral, Anomali +* Andy Gray, ForeScout +* John-Mark Gurney, New Context Services, Inc. +* Pavel Gutin, G2, Inc. +* David Hamilton, AT&T +* April Jackson, Praxis Engineering +* Sridhar Jayanthi, Polylogyx LLC +* Bret Jordan, Symantec +* Takahiro Kakumaru, NEC Corporation +* David Kemp, National Security Agency +* Lauri Korts-Pärn, NECAM +* Anthony Librera, AT&T +* Danny Martinez, G2, Inc. +* Lisa Mathews, National Security Agency +* Vasileios Mavroeidis, University of Oslo +* Jim Meck, Fireeye +* Efrain Ortiz, Symantec Corp. +* Daniel Riedel, New Context Services, Inc. +* Nirmal Rajarathnam, ForeScout +* Chris Ricard, FS-ISAC +* Jason Romano, National Security Agency +* Philip Royer, Splunk Inc. +* Duane Skeen, Northrop Grumman +* Duncan Sparrell, sFractal Consulting LLC +* Michael Stair, AT&T +* Andrew Storms, New Context Services, Inc. +* Gerald Stueve, Fornetix +* Allan Thomson, LookingGlass Cyber Solutions +* Bill Trost, AT&T +* Ryan Trost, ThreatQuotient +* Drew Varner, NineFX +* Jason Webb, LookingGlass Cyber Solutions +* Sounil Yu, Bank of America +* David Webber, Huawei + + # Appendix D. Revision History # Appendix E. Examples From 8cbf05a18195c3df8923fe4aba296fd9b30a580c Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:35:14 -0400 Subject: [PATCH 05/18] move revision history --- open-impl-https.md | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index e98eede..e185fbd 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -543,26 +543,7 @@ Content-type: application/openc2-rsp+json;version=1.0 --- # Annex D. Revision History -| Revision | Date | Editor | Changes Made | -|:---|:---|:---|:---| -| v1.0-wd01-wip | 6/15/2018 | Lemire | Initial working draft | -| v1.0-wd01-wip | 6/29/2018 | Lemire | Added Suitability section (1.6), responded to SC member comments | -| v1.0-wd01-wip | 7/20/2018 | Lemire | Additional responses to member comments; formatting clean-up for easier conversion to Markdown. | -| v1.0-wd01-wip | 8/9/2018 | Lemire | Implementing feedback from the July 2018 face-to-face meeting and resolving other comments to reach WD01 version to submit for CSD ballot. | -| v1.0-wd02-wip | 8/24/2018 | Lemire | Various edits to clarify interactions when the producer is HTTP listener; other edits and cleanup in response to document comments and Slack forum discussions. | -| v1.0-wd02-wip | 8/29/2018 | Lemire | 1) Adjustments to content type definitions to distinguish commands and responses;
2) Made corresponding adjustments to message flow descriptions and sample messages.
3) Added acknowledgements. | -| v1.0-wd02-wip | 8/30/2018 | Lemire | Inserted proposed replacements for sequence diagrams (Figures 2 and 3). | -| v1.0-wd02-wip | 8/31/2018 | Lemire | 1) Inserted initial draft conformance language (section 4).
2) Revised Section 1 content for greater consistency with related OpenC2 specifications.
3) Revised section 2.1 to merge proposed endpoint role descriptions
4) General edit for formatting, readability, consistency, etc. | -| v1.0-wd02-wip | 9/11/2018 | Lemire | 1) Reviewed and accepted / rejected comments.
2) Added placeholders for addressing use of "From" field.
3) Added statements about using Cache-control | -| v1.0-wd02-wip | 9/17/2018 | Lemire | 1) Added table to conformance section specifying mapping of Language Spec message elements.
2) Clarified certificate mutual authentication requirement.
3) Removed language about unsolicited responses from Consumers
4) Numbered the conformance items | -| v1.0-wd02-wip | 9/17/2018 | Lemire | 1) Removed used of the HTTP "From:" field, and mapped the OpenC2 "from" message element to the authenticated identity of the peer entity
2) Updated examples to remove HTTP From: | -| v1.0-wd02-wip | 9/19/2018 | Lemire | 1) Final clean-up of residual comments and edits to create WD02 package for CSD ballot.
2) Renamed document to WD03-wip | -| v1.0-wd03-wip | 10/15/2018 | Lemire | 1) Reorganized section 1 to align with other OpenC2 specifications
2) Reworded section 3.3.1 to properly use MUST / SHALL language
3) Clarified requirements wording section 3.2.2 to better indicate TLS version requirements and preferences, and authentication requirements.
4) Updated Table 4-1 to align with changes to Language Specification Table 3-1. | -| v1.0-wd03-wip | 10/16/2018 | Lemire | 1) Final clean-up of residual edits to create WD03 package for CSD approval and release for public review. | -| v1.0-wd03-wip | 3/27/2019 | Lemire | Resolution of issues from public review 1. | -| v1.0-wd03-wip | 3/28/2019 | Lemire | Incremented WD version number to 05 prior to CSD ballot to eliminate ambiguity. | -| v1.0-wd06-wip | 5/14/2019 | Lemire | Resolution of issues from public review 2 and adjustments for consistency across the suite of specifications. | -| v1.1-wdxx-wip | x/x/2020 | Lemire | Minor corrections and changes from January 2020 Plug Fest experience | + @@ -664,6 +645,27 @@ The following individuals are acknowledged for providing comments, suggested tex # Appendix D. Revision History +| Revision | Date | Editor | Changes Made | +|:---|:---|:---|:---| +| v1.0-wd01-wip | 6/15/2018 | Lemire | Initial working draft | +| v1.0-wd01-wip | 6/29/2018 | Lemire | Added Suitability section (1.6), responded to SC member comments | +| v1.0-wd01-wip | 7/20/2018 | Lemire | Additional responses to member comments; formatting clean-up for easier conversion to Markdown. | +| v1.0-wd01-wip | 8/9/2018 | Lemire | Implementing feedback from the July 2018 face-to-face meeting and resolving other comments to reach WD01 version to submit for CSD ballot. | +| v1.0-wd02-wip | 8/24/2018 | Lemire | Various edits to clarify interactions when the producer is HTTP listener; other edits and cleanup in response to document comments and Slack forum discussions. | +| v1.0-wd02-wip | 8/29/2018 | Lemire | 1) Adjustments to content type definitions to distinguish commands and responses;
2) Made corresponding adjustments to message flow descriptions and sample messages.
3) Added acknowledgements. | +| v1.0-wd02-wip | 8/30/2018 | Lemire | Inserted proposed replacements for sequence diagrams (Figures 2 and 3). | +| v1.0-wd02-wip | 8/31/2018 | Lemire | 1) Inserted initial draft conformance language (section 4).
2) Revised Section 1 content for greater consistency with related OpenC2 specifications.
3) Revised section 2.1 to merge proposed endpoint role descriptions
4) General edit for formatting, readability, consistency, etc. | +| v1.0-wd02-wip | 9/11/2018 | Lemire | 1) Reviewed and accepted / rejected comments.
2) Added placeholders for addressing use of "From" field.
3) Added statements about using Cache-control | +| v1.0-wd02-wip | 9/17/2018 | Lemire | 1) Added table to conformance section specifying mapping of Language Spec message elements.
2) Clarified certificate mutual authentication requirement.
3) Removed language about unsolicited responses from Consumers
4) Numbered the conformance items | +| v1.0-wd02-wip | 9/17/2018 | Lemire | 1) Removed used of the HTTP "From:" field, and mapped the OpenC2 "from" message element to the authenticated identity of the peer entity
2) Updated examples to remove HTTP From: | +| v1.0-wd02-wip | 9/19/2018 | Lemire | 1) Final clean-up of residual comments and edits to create WD02 package for CSD ballot.
2) Renamed document to WD03-wip | +| v1.0-wd03-wip | 10/15/2018 | Lemire | 1) Reorganized section 1 to align with other OpenC2 specifications
2) Reworded section 3.3.1 to properly use MUST / SHALL language
3) Clarified requirements wording section 3.2.2 to better indicate TLS version requirements and preferences, and authentication requirements.
4) Updated Table 4-1 to align with changes to Language Specification Table 3-1. | +| v1.0-wd03-wip | 10/16/2018 | Lemire | 1) Final clean-up of residual edits to create WD03 package for CSD approval and release for public review. | +| v1.0-wd03-wip | 3/27/2019 | Lemire | Resolution of issues from public review 1. | +| v1.0-wd03-wip | 3/28/2019 | Lemire | Incremented WD version number to 05 prior to CSD ballot to eliminate ambiguity. | +| v1.0-wd06-wip | 5/14/2019 | Lemire | Resolution of issues from public review 2 and adjustments for consistency across the suite of specifications. | +| v1.1-wdxx-wip | x/x/2020 | Lemire | Minor corrections and changes from January 2020 Plug Fest experience | + # Appendix E. Examples # Appendix F. Notices \ No newline at end of file From 7a178ed78abe91e9957e913c8358bd8d39de034a Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:39:55 -0400 Subject: [PATCH 06/18] Update revision history table --- open-impl-https.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/open-impl-https.md b/open-impl-https.md index e185fbd..6e25a58 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -664,7 +664,8 @@ The following individuals are acknowledged for providing comments, suggested tex | v1.0-wd03-wip | 3/27/2019 | Lemire | Resolution of issues from public review 1. | | v1.0-wd03-wip | 3/28/2019 | Lemire | Incremented WD version number to 05 prior to CSD ballot to eliminate ambiguity. | | v1.0-wd06-wip | 5/14/2019 | Lemire | Resolution of issues from public review 2 and adjustments for consistency across the suite of specifications. | -| v1.1-wdxx-wip | x/x/2020 | Lemire | Minor corrections and changes from January 2020 Plug Fest experience | +| v1.0-wd07 | 6/23/2021 | Lemire | Minor corrections and changes from January 2020 Plug Fest experience, other miscellaneous updates. Captures states of working draft prior to reorganization against new OASIS template | +| v1.0-wd08 | 6/xx/2021 | Lemire | Reorganizes specification to use the new OASIS template | # Appendix E. Examples From b2edd2641450d14d969386891a8f7884c4d8c477 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:41:52 -0400 Subject: [PATCH 07/18] Move examples & renumber subsections --- open-impl-https.md | 125 +++++++++++++++++++++++---------------------- 1 file changed, 63 insertions(+), 62 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 6e25a58..560ba1d 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -474,68 +474,6 @@ _This section is non-normative._ --- # Annex B. Examples -_This section is non-normative._ - -OpenC2 Messages consist of a set of "message elements" defined in Section 3.2 of [[OpenC2-Lang-v1.0](#openc2-lang-v10)]. Table 4-1 of this specification defines how the message elements are handled with HTTPS transfer. Broadly speaking the message content (i.e., Commands and Responses) is carried in the HTTP message body while the remaining elements are handled in HTTP headers. The example Messages below illustrate how this is handled in practice. - -A Request-URI ending in /openc2 is used in all example HTTP requests. - -## B.1 HTTP Request / Response Examples: Consumer as HTTP Server -This section presents the HTTP message structures used when the OpenC2 Consumer acts as the HTTP listener. - -### B.1.1 Producer HTTP POST with OpenC2 Command -Example message: - -``` -POST /openc2 HTTP/1.1 -Content-type: application/openc2-cmd+json;version=1.0 -Date: Wed, 19 Dec 2018 22:15:00 GMT - -{ - "headers": { - "request_id": "d1ac0489-ed51-4345-9175-f3078f30afe5" - "created": 1545257700000, - "from": "oc2producer.company.net", - "to": ["oc2consumer.company.net"] - }, - "body": { - "openc2": { - "request": { - "action": ... - "target": ... - "args": ... - } - } - } -} -``` - -### B.1.2 Consumer HTTP Response with OpenC2 Response -Example message: - -``` -HTTP/1.1 200 OK -Date: Wed, 19 Dec 2018 22:15:10 GMT -Content-type: application/openc2-rsp+json;version=1.0 - -{ - "headers": { - "request_id": "d1ac0489-ed51-4345-9175-f3078f30afe5" - "created": 1545257710000, - "from": "oc2consumer.company.net", - "to": ["oc2producer.company.net"] - }, - "body": { - "openc2": { - "response": { - "status": 200, - "status_text": ... - "results": ... - } - } - } -} -``` --- # Annex C. Acknowledgments @@ -668,5 +606,68 @@ The following individuals are acknowledged for providing comments, suggested tex | v1.0-wd08 | 6/xx/2021 | Lemire | Reorganizes specification to use the new OASIS template | # Appendix E. Examples +_This section is non-normative._ + +OpenC2 Messages consist of a set of "message elements" defined in Section 3.2 of [[OpenC2-Lang-v1.0](#openc2-lang-v10)]. Table 4-1 of this specification defines how the message elements are handled with HTTPS transfer. Broadly speaking the message content (i.e., Commands and Responses) is carried in the HTTP message body while the remaining elements are handled in HTTP headers. The example messages below illustrate how this is handled in practice. + +A Request-URI ending in /openc2 is used in all example HTTP requests. + +## E.1 HTTP Request / Response Examples: Consumer as HTTP Server +This section presents the HTTP message structures used when the OpenC2 Consumer acts as the HTTP listener. + +### E.1.1 Producer HTTP POST with OpenC2 Command +Example message: + +``` +POST /openc2 HTTP/1.1 +Content-type: application/openc2-cmd+json;version=1.0 +Date: Wed, 19 Dec 2018 22:15:00 GMT + +{ + "headers": { + "request_id": "d1ac0489-ed51-4345-9175-f3078f30afe5" + "created": 1545257700000, + "from": "oc2producer.company.net", + "to": ["oc2consumer.company.net"] + }, + "body": { + "openc2": { + "request": { + "action": ... + "target": ... + "args": ... + } + } + } +} +``` + +### E.1.2 Consumer HTTP Response with OpenC2 Response +Example message: + +``` +HTTP/1.1 200 OK +Date: Wed, 19 Dec 2018 22:15:10 GMT +Content-type: application/openc2-rsp+json;version=1.0 + +{ + "headers": { + "request_id": "d1ac0489-ed51-4345-9175-f3078f30afe5" + "created": 1545257710000, + "from": "oc2consumer.company.net", + "to": ["oc2producer.company.net"] + }, + "body": { + "openc2": { + "response": { + "status": 200, + "status_text": ... + "results": ... + } + } + } +} +``` + # Appendix F. Notices \ No newline at end of file From d2560fb6cd93709cc3f88a45b1820ef305a879fb Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:42:50 -0400 Subject: [PATCH 08/18] move notices --- open-impl-https.md | 39 ++++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 560ba1d..de35a6e 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -58,24 +58,6 @@ _Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0_. Edited by --- -## Notices -Copyright © OASIS Open 2019. All Rights Reserved. - -All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full [Policy](https://www.oasis-open.org/policies-guidelines/ipr) may be found at the OASIS website. - -This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English. - -The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns. - -This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - -OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. - -OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so. - -OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims. - -The name "OASIS" is a trademark of [OASIS](https://www.oasis-open.org/), the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes reference to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see https://www.oasis-open.org/policies-guidelines/trademark for above guidance. --- @@ -670,4 +652,23 @@ Content-type: application/openc2-rsp+json;version=1.0 ``` -# Appendix F. Notices \ No newline at end of file +# Appendix F. Notices + +## Notices +Copyright © OASIS Open 2019. All Rights Reserved. + +All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full [Policy](https://www.oasis-open.org/policies-guidelines/ipr) may be found at the OASIS website. + +This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published, and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this section are included on all such copies and derivative works. However, this document itself may not be modified in any way, including by removing the copyright notice or references to OASIS, except as needed for the purpose of developing any document or deliverable produced by an OASIS Technical Committee (in which case the rules applicable to copyrights, as set forth in the OASIS IPR Policy, must be followed) or as required to translate it into languages other than English. + +The limited permissions granted above are perpetual and will not be revoked by OASIS or its successors or assigns. + +This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. + +OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so. + +OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims. + +The name "OASIS" is a trademark of [OASIS](https://www.oasis-open.org/), the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes reference to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see https://www.oasis-open.org/policies-guidelines/trademark for above guidance. From 355250a8e0d8eeea08e17d25430568f8a4afaa6f Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:44:00 -0400 Subject: [PATCH 09/18] Update notices from AV AP starter doc --- open-impl-https.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index de35a6e..237674e 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -655,7 +655,7 @@ Content-type: application/openc2-rsp+json;version=1.0 # Appendix F. Notices ## Notices -Copyright © OASIS Open 2019. All Rights Reserved. +Copyright © OASIS Open 2021. All Rights Reserved. All capitalized terms in the following text have the meanings assigned to them in the OASIS Intellectual Property Rights Policy (the "OASIS IPR Policy"). The full [Policy](https://www.oasis-open.org/policies-guidelines/ipr) may be found at the OASIS website. @@ -665,10 +665,12 @@ The limited permissions granted above are perpetual and will not be revoked by O This document and the information contained herein is provided on an "AS IS" basis and OASIS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY OWNERSHIP RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. -OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Committee Specification or OASIS Standard, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. +As stated in the OASIS IPR Policy, the following three paragraphs in brackets apply to OASIS Standards Final Deliverable documents (Committee Specification, Candidate OASIS Standard, OASIS Standard, or Approved Errata). -OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this specification by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this specification. OASIS may include such claims on its website, but disclaims any obligation to do so. +\[OASIS requests that any OASIS Party or any other party that believes it has patent claims that would necessarily be infringed by implementations of this OASIS Standards Final Deliverable, to notify OASIS TC Administrator and provide an indication of its willingness to grant patent licenses to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this deliverable.\] -OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Committee Specification or OASIS Standard, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims. +\[OASIS invites any party to contact the OASIS TC Administrator if it is aware of a claim of ownership of any patent claims that would necessarily be infringed by implementations of this OASIS Standards Final Deliverable by a patent holder that is not willing to provide a license to such patent claims in a manner consistent with the IPR Mode of the OASIS Technical Committee that produced this OASIS Standards Final Deliverable. OASIS may include such claims on its website, but disclaims any obligation to do so.\] + +\[OASIS takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this OASIS Standards Final Deliverable or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on OASIS' procedures with respect to rights in any document or deliverable produced by an OASIS Technical Committee can be found on the OASIS website. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this OASIS Standards Final Deliverable, can be obtained from the OASIS TC Administrator. OASIS makes no representation that any information or list of intellectual property rights will at any time be complete, or that any claims in such list are, in fact, Essential Claims.\] The name "OASIS" is a trademark of [OASIS](https://www.oasis-open.org/), the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. OASIS welcomes reference to, and implementation and use of, specifications, while reserving the right to enforce its marks against misleading uses. Please see https://www.oasis-open.org/policies-guidelines/trademark for above guidance. From 7ea48dde899956007b3e8433abc6bbbd27facb23 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:46:01 -0400 Subject: [PATCH 10/18] Update front mater from AP AV starter doc --- open-impl-https.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/open-impl-https.md b/open-impl-https.md index 237674e..539fa8b 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -49,6 +49,9 @@ This specification is provided under the [Non-Assertion](https://www.oasis-open. Note that any machine-readable content ([Computer Language Definitions](https://www.oasis-open.org/policies-guidelines/tc-process#wpComponentsCompLang)) declared Normative for this Work Product is provided in separate plain text files. In the event of a discrepancy between any such plain text file and display content in the Work Product's prose narrative document(s), the content in the separate plain text file prevails. +#### Key words: +The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [[RFC2119](#rfc2119)] and [[RFC8174](#rfc8174)] when, and only when, they appear in all capitals, as shown here. + #### Citation format: When referencing this specification the following citation format should be used: @@ -58,6 +61,15 @@ _Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0_. Edited by --- +## Notices +Copyright © OASIS Open 2021. All Rights Reserved. + +Distributed under the terms of the OASIS [IPR Policy](https://www.oasis-open.org/policies-guidelines/ipr). + +The name "OASIS" is a trademark of [OASIS](https://www.oasis-open.org/), the owner and developer of this specification, and should be used only to refer to the organization and its official outputs. + +For complete copyright information please see the Notices section in the Appendix. + --- From d32b9ad2927559f996b6d5bdc044fd1826716556 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:47:44 -0400 Subject: [PATCH 11/18] Update WD number and TC chair and editor info --- open-impl-https.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 539fa8b..09bd515 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -2,7 +2,7 @@ --- # Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0 -## Committee Specification 01 +## Working Draft 08 ## DD MMM 2021 #### This version: @@ -24,11 +24,10 @@ https://docs.oasis-open.org/openc2/open-impl-https/v1.0/open-impl-https-v1.0.pdf [OASIS Open Command and Control (OpenC2) TC](https://www.oasis-open.org/committees/openc2/) #### Chairs: -Joe Brule (jmbrule@nsa.gov), [National Security Agency](https://www.nsa.gov/) \ Duncan Sparrell (duncan@sfractal.com), [sFractal Consulting LLC](http://www.sfractal.com/) #### Editor: -David Lemire (dave.lemire@g2-inc.com), [G2, Inc.](http://www.g2-inc.com/) +David Lemire (david.lemire@hii-tsd.com), [Huntington Ingalls Industries, Inc.](http://www.g2-inc.com/) #### Related work: From 254dba6cd515eba72fd132edf4252863f0438a99 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:50:36 -0400 Subject: [PATCH 12/18] Rename 1.2 and populate subsections per template --- open-impl-https.md | 45 +++++++++++++++++++++++---------------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 09bd515..81d0174 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -121,7 +121,9 @@ OpenC2 allows the application producing the commands to discover the set of capa ## 1.1 IPR Policy This specification is provided under the [Non-Assertion](https://www.oasis-open.org/policies-guidelines/ipr#Non-Assertion-Mode) Mode of the [OASIS IPR Policy](https://www.oasis-open.org/policies-guidelines/ipr), the mode chosen when the Technical Committee was established. For information on whether any patents have been disclosed that may be essential to implementing this specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the TC's web page ([https://www.oasis-open.org/committees/openc2/ipr.php](https://www.oasis-open.org/committees/openc2/ipr.php)). -## 1.2 Terminology +## 1.2 Glossary + +### 1.2.1 Definition of Terms _This section is normative._ @@ -136,19 +138,34 @@ _This section is normative._ * **Specifier**: A property or field that identifies a Target or Actuator to some level of precision. * **Target**: The object of the Action, i.e., the Action is performed on the Target (e.g., IP Address). -The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [[RFC2119](#rfc2119)] and [[RFC8174](#rfc8174)] when, and only when, they appear in all capitals, as shown here. +### 1.2.2 Acronyms and Abbreviations + +_This section is non-normative._ -A list of acronyms is provided in [Annex A](#annex-a-acronyms). +| Term | Expansion | +|:---|:---| +| 0-RTT | Zero Round Trip Time | +| API | Application Programming Interface | +| HTTP | Hypertext Transfer Protocol | +| HTTPS | HTTP over TLS | +| IETF | Internet Engineering Task Force | +| IPR | Intellectual Property Rights | +| JSON | JavaScript Object Notation | +| RFC | Request For Comment | +| RID | Real-time Inter-network Defense | +| TC | Technical Committee | +| TCP | Transmission Control Protocol | +| TLS | Transport Layer Security | +### 1.2.3 Document Conventions -## 1.5 Document Conventions -### 1.5.1 Naming Conventions +#### 1.2.3.1 Naming Conventions * [[RFC2119]](#rfc2119)/[[RFC8174]](#rfc8174) key words (see [Section 1.2](#12-terminology)) are in all uppercase. * All property names and literals are in lowercase, except when referencing canonical names defined in another standard (e.g., literal values from an IANA registry). * Words in property names are separated with an underscore (_), while words in string enumerations and type names are separated with a hyphen (-). * The term "hyphen" used here refers to the ASCII hyphen or minus character, which in Unicode is "hyphen-minus", U+002D. -### 1.5.2 Font Colors and Style +#### 1.2.3.2 Font Colors and Style The following color, font and font style conventions are used in this document: * A fixed width font is used for all type names, property names, and literals. @@ -448,22 +465,6 @@ A conformant implementation of this transfer specification MUST: --- # Annex A. Acronyms -_This section is non-normative._ - -| Term | Expansion | -|:---|:---| -| 0-RTT | Zero Round Trip Time | -| API | Application Programming Interface | -| HTTP | Hypertext Transfer Protocol | -| HTTPS | HTTP over TLS | -| IETF | Internet Engineering Task Force | -| IPR | Intellectual Property Rights | -| JSON | JavaScript Object Notation | -| RFC | Request For Comment | -| RID | Real-time Inter-network Defense | -| TC | Technical Committee | -| TCP | Transmission Control Protocol | -| TLS | Transport Layer Security | --- # Annex B. Examples From 4fec497645c258ee5f867f1c0b8fd62c5d237ba6 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:51:42 -0400 Subject: [PATCH 13/18] renumber remaining 1.x subsections --- open-impl-https.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 81d0174..118c5ef 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -203,7 +203,7 @@ Content-type: application/openc2-cmd+json;version=1.0 } ``` -## 1.6 Overview +## 1.3 Overview In general, there are two types of participants involved in the exchange of OpenC2 Messages, as depicted in Figure 1-1: 1. **Producers**: A Producer is an entity that creates Commands to provide instruction to one or more systems to act in accordance with the content of the Command. A Producer may receive and process Responses in conjunction with a Command. 2. **Consumers**: A Consumer is an entity that receives and may act upon a Command. A Consumer may create Responses that provide any information captured or necessary to send back to the Producer. @@ -250,7 +250,7 @@ The components of a Command are an Action (what is to be done), a Target (what i The components of a Response are a numerical status code, an optional status text string, and optional results. The format of the results, if included, depend on the type of Response being transferred. -## 1.7 Goal +## 1.4 Goal The goal of the OpenC2 Language Specification is to provide a language for interoperating between functional elements of cyber defense systems. This language used in conjunction with OpenC2 Actuator Profiles and OpenC2 Transfer Specifications allows for vendor-agnostic cybertime response to attacks. The Integrated Adaptive Cyber Defense (IACD) framework defines a collection of activities, based on the traditional OODA (Observe–Orient–Decide–Act) Loop [[IACD]](#iacd): @@ -267,7 +267,7 @@ The goal of OpenC2 is to enable coordinated defense in cyber-relevant time betwe * **Abstract:** Commands and Responses are defined abstractly and can be encoded and transferred via multiple schemes as dictated by the needs of different implementation environments * **Extensible:** While OpenC2 defines a core set of Actions and Targets for cyber defense, the language is expected to evolve with cyber defense technologies, and permits extensions to accommodate new cyber defense technologies. -## 1.8 Suitability +## 1.5 Suitability This document specifies the use of Hypertext Transfer Protocol (HTTP) over Transport Layer Security (TLS) as a transfer mechanism for OpenC2 Messages; this HTTP/TLS layering is typically referred to as HTTPS [[RFC2818](#rfc2818)]. As described in [[RFC3205](#rfc3205)], HTTP has become a common "substrate" for information transfer for other application-level protocols. From 9e319496c10bbbf4fa05a4dae5f9dc2abea1e062 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:52:51 -0400 Subject: [PATCH 14/18] Delete obsolete Annex headings --- open-impl-https.md | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 118c5ef..000402b 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -462,21 +462,6 @@ A conformant implementation of this transfer specification MUST: **Table 4-1 - Message Element Implementation** ---- -# Annex A. Acronyms - - ---- -# Annex B. Examples - ---- -# Annex C. Acknowledgments - - ---- -# Annex D. Revision History - - # Appendix A. References From 724f48ae15668c7a5520710f584ce3ec59d4d18c Mon Sep 17 00:00:00 2001 From: David Lemire Date: Wed, 30 Jun 2021 14:55:54 -0400 Subject: [PATCH 15/18] begin updating 1.1 per new template --- open-impl-https.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 000402b..7d79514 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -118,8 +118,10 @@ OpenC2 is a suite of specifications that enables command and control of cyber de OpenC2 allows the application producing the commands to discover the set of capabilities supported by the managed devices. These capabilities permit the managing application to adjust its behavior to take advantage of the features exposed by the managed device. The capability definitions can be easily extended in a noncentralized manner, allowing standard and non-standard capabilities to be defined with semantic and syntactic rigor. -## 1.1 IPR Policy -This specification is provided under the [Non-Assertion](https://www.oasis-open.org/policies-guidelines/ipr#Non-Assertion-Mode) Mode of the [OASIS IPR Policy](https://www.oasis-open.org/policies-guidelines/ipr), the mode chosen when the Technical Committee was established. For information on whether any patents have been disclosed that may be essential to implementing this specification, and any offers of patent licensing terms, please refer to the Intellectual Property Rights section of the TC's web page ([https://www.oasis-open.org/committees/openc2/ipr.php](https://www.oasis-open.org/committees/openc2/ipr.php)). +## 1.1 Changes from Earlier Versions + +This version (WD08) has been updated to use the OASIS work product outline published in last 2020 ("2020style"). + ## 1.2 Glossary From 29e132c2a23610a04a8b2341d7db6775ed791273 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Thu, 1 Jul 2021 11:33:46 -0400 Subject: [PATCH 16/18] clean-up pass (references, etc.) --- open-impl-https.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index 7d79514..ba24e6c 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -33,7 +33,8 @@ David Lemire (david.lemire@hii-tsd.com), [Huntington Ingalls Industries, Inc.](h This specification is related to: -_Open Command and Control (OpenC2) Language Specification Version 1.0_. Edited by Jason Romano and Duncan Sparrell. Latest version: https://docs.oasis-open.org/openc2/oc2ls/v1.0/oc2ls-v1.0.html. \ +_Open Command and Control (OpenC2) Language Specification Version 1.0_. Edited by Jason Romano and Duncan Sparrell. Latest version: https://docs.oasis-open.org/openc2/oc2ls/v1.0/oc2ls-v1.0.html. + _Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0_. Edited by Joe Brule, Duncan Sparrell and Alex Everett. Latest version: https://docs.oasis-open.org/openc2/oc2slpf/v1.0/oc2slpf-v1.0.html. #### Abstract: @@ -434,7 +435,7 @@ the conditions for populating the Date: header specified in Section 7.1.1.2 of RFC 7231 SHALL be followed -Example messages can be found in Annex B, section B.1. +Example messages can be found in Appendix E, section E.1. --- @@ -508,6 +509,8 @@ M. J. Herring, K. D. Willett, "Active Cyber Defense: A Vision for Real-Time Cybe # Appendix B. Safety, Security and Privacy Considerations +Security considerations are addressed in Section 3.3.2, TLS Usage. + # Appendix C. Acknowledgements The Implementation Considerations Subcommittee was tasked by the OASIS Open Command and Control Technical Committee (OpenC2 TC) which at the time of this submission, had 132 members. The editor wishes to express their gratitude to the members of the OpenC2 TC. From ab8243ec334a3e9d07f7ca9b978bdfd47d202bf9 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Thu, 1 Jul 2021 11:46:50 -0400 Subject: [PATCH 17/18] Update TOC --- open-impl-https.md | 73 +++++++++++++++++++++++----------------------- 1 file changed, 37 insertions(+), 36 deletions(-) diff --git a/open-impl-https.md b/open-impl-https.md index ba24e6c..d2fd25d 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -73,41 +73,42 @@ For complete copyright information please see the Notices section in the Appendi --- -## Table of Contents -- [1 Introduction](#1-introduction) - - [1.1 IPR Policy](#11-ipr-policy) - - [1.2 Terminology](#12-terminology) - - [1.3 Normative References](#13-normative-references) - - [1.4 Non-Normative References](#14-non-normative-references) - - [1.5 Document Conventions](#15-document-conventions) - - [1.5.1 Naming Conventions](#151-naming-conventions) - - [1.5.2 Font Colors and Style](#152-font-colors-and-style) - - [1.6 Overview](#16-overview) - - [1.7 Goal](#17-goal) - - [1.8 Suitability](#18-suitability) -- [2 Operating Model](#2-operating-model) -- [3 Protocol Mappings](#3-protocol-mappings) - - [3.1 Layering Overview](#31-layering-overview) - - [3.2 General Requirements](#32-general-requirements) - - [3.2.1 HTTP Usage](#321-http-usage) - - [3.2.2 TLS Usage](#322-tls-usage) - - [3.2.3 Authentication](#323-authentication) - - [3.3 OpenC2 Message Format](#33-openc2-message-format) - - [3.3.1 Content Type and Serialization](#331--content-type-and-serialization) - - [3.3.2 OpenC2 Message Structure](#332-openc2-message-structure) - - [3.4 OpenC2 Consumer as HTTP/TLS - Server](#34-openc2-consumer-as-httptls-server) -- [4 Conformance](#4-conformance) -- [Annex A. Acronyms](#annex-a-acronyms) -- [Annex B. Examples](#annex-b-examples) - - [B.1 HTTP Request / Response Examples: Consumer as HTTP - Server](#b1-http-request--response-examples-consumer-as-http-server) - - [B.1.1 Producer HTTP POST with OpenC2 - Command](#b11-producer-http-post-with-openc2-command) - - [B.1.2 Consumer HTTP Response with OpenC2 - Response](#b12-consumer-http-response-with-openc2-response) -- [Annex C. Acknowledgments](#annex-c-acknowledgments) -- [Annex D. Revision History](#annex-d-revision-history) +- [1 Introduction](#1-introduction) + - [1.1 Changes from Earlier Versions](#11-changes-from-earlier-versions) + - [1.2 Glossary](#12-glossary) + - [1.2.1 Definition of Terms](#121-definition-of-terms) + - [1.2.2 Acronyms and Abbreviations](#122-acronyms-and-abbreviations) + - [1.2.3 Document Conventions](#123-document-conventions) + - [1.2.3.1 Naming Conventions](#1231-naming-conventions) + - [1.2.3.2 Font Colors and Style](#1232-font-colors-and-style) + - [1.3 Overview](#13-overview) + - [1.4 Goal](#14-goal) + - [1.5 Suitability](#15-suitability) +- [2 Operating Model](#2-operating-model) +- [3 Protocol Mappings](#3-protocol-mappings) + - [3.1 Layering Overview](#31-layering-overview) + - [3.2 General Requirements](#32-general-requirements) + - [3.2.1 HTTP Usage](#321-http-usage) + - [3.2.2 TLS Usage](#322-tls-usage) + - [3.2.3 Authentication](#323-authentication) + - [3.3 OpenC2 Message Format](#33-openc2-message-format) + - [3.3.1 Content Type and Serialization](#331--content-type-and-serialization) + - [3.3.2 OpenC2 Message Structure](#332-openc2-message-structure) + - [3.4 OpenC2 Consumer as HTTP/TLS Server](#34-openc2-consumer-as-httptls-server) +- [4 Conformance](#4-conformance) +- [Appendix A. References](#appendix-a-references) + - [A.1 Normative References](#a1-normative-references) + - [A.2 Informative References](#a2-informative-references) +- [Appendix B. Safety, Security and Privacy Considerations](#appendix-b-safety-security-and-privacy-considerations) +- [Appendix C. Acknowledgements](#appendix-c-acknowledgements) + - [C.1 Special Thanks](#c1-special-thanks) + - [C.2 Participants](#c2-participants) +- [Appendix D. Revision History](#appendix-d-revision-history) +- [Appendix E. Examples](#appendix-e-examples) + - [E.1 HTTP Request / Response Examples: Consumer as HTTP Server](#e1-http-request--response-examples-consumer-as-http-server) + - [E.1.1 Producer HTTP POST with OpenC2 Command](#e11-producer-http-post-with-openc2-command) + - [E.1.2 Consumer HTTP Response with OpenC2 Response](#e12-consumer-http-response-with-openc2-response) +- [Appendix F. Notices](#appendix-f-notices) --- @@ -509,7 +510,7 @@ M. J. Herring, K. D. Willett, "Active Cyber Defense: A Vision for Real-Time Cybe # Appendix B. Safety, Security and Privacy Considerations -Security considerations are addressed in Section 3.3.2, TLS Usage. +Security considerations are addressed in [Section 3.2.2 TLS Usage](#322-tls-usage). # Appendix C. Acknowledgements From 1d1406da2ca83ab577dbacfdd55d859406518196 Mon Sep 17 00:00:00 2001 From: David Lemire Date: Thu, 1 Jul 2021 11:51:08 -0400 Subject: [PATCH 18/18] Update 1.1 (changes from ...) --- open-impl-https.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/open-impl-https.md b/open-impl-https.md index d2fd25d..c1fdbc0 100644 --- a/open-impl-https.md +++ b/open-impl-https.md @@ -122,7 +122,7 @@ OpenC2 allows the application producing the commands to discover the set of capa ## 1.1 Changes from Earlier Versions -This version (WD08) has been updated to use the OASIS work product outline published in last 2020 ("2020style"). +This version (WD08) has been updated to use the OASIS work product outline published in last 2020 ("2020style"). It also includes minor corrections and changes from January 2020 Plug Fest experience, and other miscellaneous updates. ## 1.2 Glossary