[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [cti-taxii] RE: Vision Statement for TAXII
I think this proposed language works. I think it would be better without the bracketed content and I would suggest changing the wording "TAXII reduces the friction ..." To something more like "TAXII focuses on reducing the friction ..." We should be careful to avoid assertions of success before they occur. My only other point of potential concern (though less than the other areas) is that the word "protocol" while not inaccurate (like Rich's concern with "technology") has the potential to be misinterpreted in an overly constrained way. Some people may immediately think of it as only a specific transport protocol (http) rather than the services and message flows for the CTI exchange use cases. We don't want people to think we are reinventing any wheels. Sean Sent with Good (www.good.com) From: cti-taxii@lists.oasis-open.org <cti-taxii@lists.oasis-open.org> on behalf of Wunder, John A. <jwunder@mitre.org>
Sent: Tuesday, September 15, 2015 11:27:39 AM To: 'cti-taxii@lists.oasis-open.org' Subject: Re: [cti-taxii] RE: Vision Statement for TAXII Just spitballing here:
TAXII is an open protocol that enables rapid, secure, and trusted sharing of cyber threat intelligence between people and systems. With a focus on simple
and reusable concepts, TAXII reduces the friction of sharing cyber threat intelligence among disparate tools, organizations, and ecosystems [without prescribing specific trust agreements, governance, or sharing policies].
I’d go either way on the section in the brackets…do people often misunderstand and think that TAXII prescribes trust agreements, governance, sharing policies, etc? If so, maybe include it. Otherwise it’s extraneous and could even
sound defensive.
John
From: <cti-taxii@lists.oasis-open.org> on behalf of "Richard.Struse@HQ.DHS.GOV"
Date: Tuesday, September 15, 2015 at 10:58 AM To: "'cti-taxii@lists.oasis-open.org'" Subject: Re: [cti-taxii] RE: Vision Statement for TAXII The original paragraphs were clearly too verbose and lacked punch. However, the proposed language seems somehow too vague and does read like ad copy.
I'm also not thrilled with talking about TAXII as a "technology". While I think we all know what is meant by that, others might infer that TAXII is a specific thing when it is in fact a series of specifications. I'd urge us to consider making it clear what TAXII is. The original paragraph did that well.
From: Eric Burger [mailto:Eric.Burger@georgetown.edu]
Sent: Tuesday, September 15, 2015 09:22 AM Eastern Standard Time To: cti-taxii@lists.oasis-open.org <cti-taxii@lists.oasis-open.org> Subject: Re: [cti-taxii] RE: Vision Statement for TAXII Looks like it was written by a Mad Men copy writer. Does it say anything? Sent from my mobile device. Thanks be to LEMONADE:
http://www.standardstrack.com/ietf/lemonade On Sep 14, 2015 12:06 PM, "Davidson II, Mark S" <mdavidson@mitre.org> wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]