[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] CTI TC Adoption and Interoperability SCs
Thanks, that helps.
One thing that might be worth calling out is what each statement means for pure consumers, pure producers, and hybrid products. For example in considering data markings a pure consumer would presumably need to support ALL of the data markings allowed in
the profile while a producer only needs to be able to produce some of them. OTOH pure consumers don't need to worry about re-sharing content w/ the original info source since they never share while hybrid products do.
From: "Jordan, Bret"
Date: Monday, July 13, 2015 at 2:55 PM To: "Wunder, John A." Cc: "cti@lists.oasis-open.org" Subject: Re: [cti] CTI TC Adoption and Interoperability SCs Is there a way with "your" product to trace the STIX object back to the original source/publisher?
Meaning, if someone send you a STIX package with an Information Source object included in it (and there is no data marking object that prevents the information source from being shared), do you keep it around and use it if you republish that STIX
package. Yes, it seems obvious in open sharing that people would do this, but my guess is that if we do not call it out, some will just drop it on the floor and do their own thing.
Thanks,
Bret
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]