OASIS Mailing List Archives

cti-stix message



Subject: STIX 2.0 Proposal5 : Abstract Source to top level construct rather than embedded only within other constructs (#233)


I also really like this idea as it will enable well-known producers to have defined source objects that do not need to be included with every object or package. Think of a big-data analytics system that is producing 100 million indicators a day, it would be great for it to just include a reference to some source object. But this will add a requirement to TAXII to make sure you can go ask a TAXII server for the rest of the object, if you do not have it.

A few comments:

1) I would like more information and examples of what you have in mind for the relationship_nature object.  And does it really need to be a nested object or can it be flat?

2) Per my other email, we should fix the timestamp object and make it flat.

3) Are the field values "from" and "to" the right names here?  

4) Instead of calling the object type "related-source" should it not just be a "relationship" or are you envisioning multiple relationship type objects? 


Thanks,

Bret



Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." 
