OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti-taxii message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-taxii] Vision Statement for TAXII

That's a critical point IMHO. Thanks for asking John.

2015-09-17 18:50 GMT+03:00 Wunder, John A. <jwunder@mitre.org>:
> I think in order to answer Bret’s question it would be helpful to define
> what value-add we expect TAXII to provide to the sharing cyber threat
> intelligence (I include “cyber” in there because of the charter). There are
> a lot of generic data transports: OASIS has OData, AMQP, SOAP, HTTP, etc.
> Many of them provide for authentication, data integrity, channels, and other
> things that we’ve talked about TAXII defining. What do we expect TAXII to do
> beyond that that makes it better specifically for sharing CTI?
> - Is it simply a standard transport/authentication so things are plug and
> play?
> - Or, beyond that, does it define specific behaviors that are useful for
> sharing threat intel?
> - Or, even beyond that, does it talk at all about the content that gets
> shared?
> - As a subcategory of that, it could even reference or define specific types
> of payloads
> This also gets at the scoping question…what problems identified in the use
> cases is TAXII trying to solve and which does it leave to STIX or other
> specs?
> John

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]