[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] TAXII Conformance - proposed language
Thanks. I am really leaning the same way. TAXII 1.1.1 should be just what it is. There is a lot of optional stuff in TAXII 1.1 due to its open ended design. So if we really need to go with a conformance clause that is highly detailed, then we should probably drop the HTTP protocol binding and XML binding from the standard all together, as they are purely just optional. In fact, they represent a single implementation of many possible implementations. One could easily do SMTP, SNMP, SSH as the protocol, and we have a JSON version in addition to the XML but one could also easily do a YARA or Capn'Proto or ProtoBuf based implementation as well. TAXII 2.0 will be different. We will lock things down and make it so there is just one way of doing TAXII not an infinite number of ways to do TAXII. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]