[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: TAXII Architecture
All, As we have discussed this issue in the past, and the time has come to make a decision.... Background: TAXII 2.0 will have two components: 1) Message Broker operating in a publish/subscribe model using communication channels 2) Cyber Information Repository that will enable storage and query of cyber information Further, TAXII 2.0 will support auto-discovery of which services are running on the TAXII server through the API. Question: Which of the following statements do you prefer? Or do you prefer something all together different? Option 1: A compliant TAXII server MAY implement the message broker solution, the cyber information repository solution, or both. Option 2: A compliant TAXII server MUST implement the message broker solution and the cyber information repository solution. There are obviously pros and cons to each of the two options above. But in an effort to not taint the discussion, I will hold off on giving my opinion. We are curious to hear your thoughts in this unofficial by email vote. A non-comment, means you do not care. If you can not comment openly on the list, please feel free to reach out to me or Mark directly (by email, Skype, phone, etc). Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." |
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]