OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti-taxii message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: TAXII per Chapter 5 of Fielding

Hello, CTI TAXII@OASIS people! Thanks to Jason and Bret for redirecting me to this discussion list.

I recently posted my first message on the CTI Users list. I'm grateful for the rapid responses from the group. In retrospect, I should have included this friendly preface in my initial message.

Here's the preface:

Preface: Throughout the software industry today, there is a popular understanding of the term "REST". You can find many sizable companies implementing a wide variety of web services under the label "REST". However, there is another philosophy of software architectural design that predates this commonly-understood "REST"--namely, that described by Dr. Roy Fielding in Chapter 5 of his dissertation. It is this earlier philosophy that I find compelling and wish to discuss.

To avoid confusion with other things called "REST", I'm intentionally calling this philosophy "Chapter 5".

To be perfectly clear, I am not now seeking another discussion about "REST"/JSON-over-HTTP/RPC/CRUD. Rather, I get excited about Resources, Content-Types and HATEOAS done well. I'm eager to find kindred spirits who are intimate with and appreciate Fielding's dissertation and would be interested in aligning TAXII with the architectural style of Chapter 5. 

To my fellow fans of Fielding: "Let's talk!" And to everyone else: "I still like you! We're cool. Please don't be mad.8^) To all: "Thanks for including me in the group. It's great to be here! Go...TAXII!"

With that preface in place, here's the initial message I posted. 

Hello, CTI@OASIS people! I'm relatively new here, so please forgive any heresy that follows. :^)

I've been reading the OASIS discussions for a couple months now. I've read the specification documents (whew!). I've coded with the Python libraries, and picked up on some of the nuances of TAXII, STIX and CyBOX. And my impression is...there's gotta be a better way.

Eric points out some qualities we might find in that "better way", including ubiquitous deployment. Aharon rightly brings us back home to the necessity of consumer adoption. And many of you have suggested practical changes (such as alternate data formats), as way to ease implementation, hence vendor adoption.

It sounds like we're trying to achieve Web-scale success. And that brings to mind some things I've read in Chapter 5 of Dr. Roy Fielding's dissertation. So, here's my heretical question:

What would TAXII 2.0 look like if we started from scratch* and implemented it according to Chapter 5?


John Anderson

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]