[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [cti-stix] Finalizing Bundle
Continuing my unfinished message... Where are the markings defined? -Marlon From: cti-stix@lists.oasis-open.org on behalf of Taylor, Marlon Sent: Wednesday, June 01, 2016 9:35:01 AM To: Wunder, John A.; Terry MacDonald; Jordan, Bret Cc: cti-stix@lists.oasis-open.org Subject: RE: [cti-stix] Finalizing Bundle Thanks for the list John!
I can't access the link right now so pardon sny questions that I would otherwise be able to answer myself if I read the page. From: cti-stix@lists.oasis-open.org on behalf of Wunder, John A. Sent: Wednesday, June 01, 2016 9:28:26 AM To: Taylor, Marlon; Terry MacDonald; Jordan, Bret Cc: cti-stix@lists.oasis-open.org Subject: Re: [cti-stix] Finalizing Bundle It’s in the Google Doc at the link below: https://docs.google.com/document/d/1HJqhvzO35h62gQGPvghVRIAtQrZn3_J__0UcDAj-NXY/edit#heading=h.c9oxowopqs2
- Tentatively has an ID - Does not have markings - Does not have “most_restrictive_marking” - Contains individual lists of TLOs
From:
Marlon Taylor <Marlon.Taylor@hq.dhs.gov>
Hi All,
From: cti-stix@lists.oasis-open.org on behalf of Terry MacDonald I believe we need an ID to support the transition period from sharing over non-TAXII communication methods to TAXII based communication. The potential negatives of one extra line in a file potentially multiple megabytes in size and the potential confusion that the ID needs to be tracked are minor in my opinion. The generated bundle ID will not need to be tracked by the producer if they don't want to. It is up to the consuming implementation if they want to track the incoming bundle IDs, and that will only be if they want to track incoming bundles to identify missing ones.
An example use case would be if someone was trying to get STIX packages into MISP. They could use a python script to poll a STIX server and then use python to interact with the MISP server to upload the STIX file. The bundle ID is only used by the python script to ensure that it has processed all the files, and can even be used to 'name' the files as they are written to disk.
Cheers
Terry MacDonald | Chief Product Officer
On Wed, Jun 1, 2016 at 5:16 AM, Jordan, Bret <bret.jordan@bluecoat.com> wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]