I used this phrasing the other day, and I'll say it here as well: Lately, I've been on my own personal pilgrimage to the mecca of Message Queues.
The messaging and message queue (aka MQ) landscape is littered with messaging standards, both "official" (released by OASIS or similar) and "unofficial" [1]. The standards are all different in their own ways, and therefore any feature comparison that considers the whole landscape is difficult to create. Perhaps as an exemplar, AMQP 1.0 and AMQP 0.9.1 have entirely discontinuous scopes [2].
Increasing the difficulty of learning the messaging / MQ space is that there is no shortage of vested interests willing to bend an ear. All over the place there are well worded posts that could equally be the work of an interested, passionate individual, a corporate interest, or an astroturfer. Partly owing to my skepticism of these well-crafted messages, and partly because of my background, I don't feel that I truly "know" a standard until I've actually used it to solve a problem. To date, however, I've seen more messaging solutions than I've had messaging problems; so my discovery of the space is incomplete.
How does TAXII compare? There are similarities: TAXII moves information according to semantics it deems useful, people are using it, and there is a strong community around it; there's also a quasi-MQ structure (Data Feeds). There are also differences: TAXII has been designed specifically for threat information exchange (as noted earlier), and I'm not personally aware of other information sharing specs that have seen the same level of adoption.
That said, I've saved TAXII's biggest asset for last: The Future. TAXII will improve under the stewardship of this committee. TAXII will adapt to the knowledge we have gained over the past few years of implementation, interoperability, and growth, and TAXII will be better off for it. In fact, sustained success critically depends on these positive changes; otherwise some other upstart will take our place while we rest on our laurels congratulating ourselves for past successes.
Thank you.
-Mark
[1] An inexhaustive list: AMQP 1.0, AMQP 0.91, MQTT, XMPP, STOMP, WebSockets, SMTP, SOAP, ZeroMQ/ZMTP, Java Message Service (JMS). There are more!
[1]
http://kellabyte.com/2012/10/20/clarifying-amqp/-----Original Message-----
From: Tony Rutkowski [
mailto:tony@yaanatech.com]
Sent: Tuesday, July 14, 2015 9:48 AM
To: Davidson II, Mark S;
cti-taxii@lists.oasis-open.orgSubject: Re: [cti-taxii] TAXII, Past and Future
Hi Mark,
I've always been a supporter of TAXII. It is
definitely best of breed.
However, there are others out there that exist
in some of the same functionality space. As
we move forward, it will be important to explicitly
recognize those, distinguish them, and perhaps
even provide for a measure of interoperability.
Your overview of TAXII is excellent and the domain.
Perhaps you could also say something about the
others and how TAXII distinguishes itself.
--tony
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php