[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] Open question: Server and User-Agent headers
On 08.02.2017 02:28:45, Bret Jordan wrote:
>
> The MIME types say that it is STIX content or TAXII content. What
> people are asking for is the ability broadcast the type and version
> of the server / client.
>
Speaking from past experience debugging STIX/TAXII 1.x
interoperability issues, the problem is immeasurably easier when you
can clearly determine from your logs which implementations are
correlated with the issue(s).
As John Wunder pointed out during yesterday's working call, in some
instances (e.g., DISA STIG requirements) you need the ability to
disable this behavior. But in most cases it's helpful to have this
information at hand. QED, TAXII servers and clients SHOULD support
identifying their type and version via the headers but the behavior
MAY be disabled when necessary.
Dave Cridland
Participate | Collaborate | Innovate
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]