[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] The need (or no need) for TAXII to support Query
On 29.10.2015 13:55:47, Davidson II, Mark S wrote: > Some other comments: > > * If we create the API right, we can distinguish STIX/CybOX versions > * by MIME type using HTTP Accept/Content-Type headers and we won't > * need separate URLs for them (e.g., the API can stay the same as > * STIX/CybOX change) > This is true, but I still think (regardless of XML/JSON discussion) that STIX and CybOX objects should continue to have the schema version embedded within them as a mandatory field. Explicit > implicit when it comes to parsing interoperability. > > * Having Relationships become a top level object will simplify the > * Query API design considerably. Instead of needing structure (e.g., > * /related/ttp/) you could just query the relationship object and > * specify certain fields/values (e.g., from_idref=1234, > * to_type=ttp). > Good point, I hadn't thought about the implications of introducing the Relationship object. > > * De-nesting of properties (aka STIX/CybOX simplification) will > * probably have a positive impact on the Query API. > Hallelujah (1000x) & amen! -- Cheers, Trey -- Trey Darley Senior Security Engineer 4DAA 0A88 34BC 27C9 FD2B A97E D3C6 5C74 0FB7 E430 Soltra | An FS-ISAC & DTCC Company www.soltra.com -- "Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works." --RFC 1925
Attachment:
signature.asc
Description: PGP signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]