Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery

["Jordan, Bret" <bret.jordan@bluecoat.com>]

Really good points Trey and we need to start keeping a list of known security issues that implementers and deployment people need to be mindful of.  

Thanks,

Bret

Bret Jordan CISSP

Director of Security Architecture and Standards | Office of the CTO

Blue Coat Systems

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." 

On Oct 31, 2015, at 02:37, Trey Darley <trey@SOLTRA.COM> wrote:

On 30.10.2015 21:28:38, Jordan, Bret wrote:

TAXII servers. So therefore the TAXII servers need to be hardened
with good coding standards and have controls put around them.

It would be worth threat modeling the TAXII 2.0 architecture (once the
spec's closer to completion) with an eye towards generating a TAXII
2.0 security best practices guide for implementers as an OASIS work
product.


--
Cheers,
Trey
--
Trey Darley
Senior Security Engineer
4DAA 0A88 34BC 27C9 FD2B  A97E D3C6 5C74 0FB7 E430
Soltra | An FS-ISAC & DTCC Company
www.soltra.com
--
"With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going to
land, and it could be dangerous sitting under them as they fly
overhead." --RFC 1925

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail