Hello all,
I have some feedback regarding the Agents and Targets section:
- When reading section 7, it is seems clear that target objects exist but no examples of them exist in the entire CACAO v2.0 specification. To clear confusion about their usage, it would be helpful to show one instance
of a target as well as its placement inside target_definitions, similar to the example on GitHub:
https://github.com/oasis-tcs/cacao/blob/master/Examples/CACAO-2.0/locky-bart-mbc-examples.md
- For the types of agent-target defined in 7.2-7.12, there is significant overlap in the definition of an entity and the form that is used to communicate with it. For example, 7.8, 7.10, and 7.12 do not define an
entity but rather a form of communication. Whereas 7.3-7.7, 7.9, and 7.11 define an entity.
- Additionally, there could be multiple ways to define an entity give the types defined. For example, consider a firewall: it is given as an example for both the HTTP API and the Network Address types (Examples
7.7 and 7.9); it is a category in the security-category-type-ov for the Security Category type; and it could easily be a candidate for definition using the SSH CLI and Linux System types, provided the particular firewallâs operating system and/or configuration.
- Lastly, I wanted to note that the Agents and Targets section could be a great candidate for collaboration with OpenC2 in the future since it also has similar concepts: Actuator and Target.
Thank you all very much for all the excellent contributions to this space and I look forward to the continued development of CACAO.
Kurt Karolenko
JHUAPL
|