OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-taxii message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: Re: [cti-taxii] TAXII 2.0 transport specification


I still wonder if going to the depth level of specifying things as malleable as SSL implementation is the best idea for TAXII

As we have all seen over the past two years, "minimum best practice" changes at the drop of a hat. Heck, SSL best practice has high potential to change between now and when TAXII 2.0 is finalized.

-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com

Without data, all you are is just another person with an opinion - Unknown


Inactive hide details for Terry MacDonald ---01/14/2016 06:31:01 PM---Hi Eric and list, I'd personally be concerned with followTerry MacDonald ---01/14/2016 06:31:01 PM---Hi Eric and list, I'd personally be concerned with following an NSA recommended standard. I

From: Terry MacDonald <terry.macdonald@threatloop.com>
To: Eric Burger <Eric.Burger@georgetown.edu>
Cc: cti-taxii@lists.oasis-open.org
Date: 01/14/2016 06:31 PM
Subject: Re: [cti-taxii] TAXII 2.0 transport specification
Sent by: <cti-taxii@lists.oasis-open.org>





Hi Eric and list,

I'd personally be concerned with following an NSA recommended standard. I think it would *potentially* impact whether the rest of the international community adopt the standard. I would prefer that we follow some recommendations from international experts that have inputs from multiple different nationalities and teams, so that we are not overly reliant on any one country.

Cheers

Terry MacDonald
| STIX, TAXII, CybOX Consultant

M: +61-407-203-026
E: terry.macdonald@threatloop.com
W: www.threatloop.com



Disclaimer: The opinions expressed within this email do not represent the sentiment of any other party except my own. My opinions do not necessarily reflect those of Threatloop.com.

On 15 January 2016 at 00:01, Eric Burger <Eric.Burger@georgetown.edu> wrote:




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]