OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti-taxii message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-taxii] TAXII 2.0 transport specification

To most people, saying “Do TLS” sounds like you’ve said what you need to say. Unfortunately, because there are so many options, we do need to specify what the minimum is, otherwise we will not have interoperability.

Given the Internet is not the safe place it used to be, I could neither endorse either a non-interoperable protocol (not going beyond TLS) nor endorse a protocol that demands the server provide secure transport.

On Jan 15, 2016, at 9:15 AM, Jason Keirstead <Jason.Keirstead@ca.ibm.com> wrote:

I still wonder if going to the depth level of specifying things as malleable as SSL implementation is the best idea for TAXII

As we have all seen over the past two years, "minimum best practice" changes at the drop of a hat. Heck, SSL best practice has high potential to change between now and when TAXII 2.0 is finalized.

Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com

Without data, all you are is just another person with an opinion - Unknown

<graycol.gif>Terry MacDonald ---01/14/2016 06:31:01 PM---Hi Eric and list, I'd personally be concerned with following an NSA recommended standard. I

From: Terry MacDonald <terry.macdonald@threatloop.com>
To: Eric Burger <Eric.Burger@georgetown.edu>
Cc: cti-taxii@lists.oasis-open.org
Date: 01/14/2016 06:31 PM
Subject: Re: [cti-taxii] TAXII 2.0 transport specification
Sent by: <cti-taxii@lists.oasis-open.org>

Hi Eric and list,

I'd personally be concerned with following an NSA recommended standard. I think it would *potentially* impact whether the rest of the international community adopt the standard. I would prefer that we follow some recommendations from international experts that have inputs from multiple different nationalities and teams, so that we are not overly reliant on any one country.


Terry MacDonald
| STIX, TAXII, CybOX Consultant

M: +61-407-203-026
E: terry.macdonald@threatloop.com
W: www.threatloop.com

Disclaimer: The opinions expressed within this email do not represent the sentiment of any other party except my own. My opinions do not necessarily reflect those of Threatloop.com.

On 15 January 2016 at 00:01, Eric Burger <Eric.Burger@georgetown.edu> wrote:
    Here are some updates and discussion points to the transport specification language. Sorry I cannot be there in Florida!

    Passing the text to some folks who really know security, one thing they asked was why we did not just chose to use Suite B (RFC 6460). What I proposed is almost Suite B, so there would not be much of a significant change to what we’ve got proposed now. 

    My concern with Suite B is there is a lot of FUD that the Cyber Act is really just an excuse for USG fishing. Mandating a NSA security suite may have bad optics. What do you think?

        On Jan 7, 2016, at 10:59 PM, Mark Davidson <mdavidson@soltra.com> wrote:

        I had meant for this to go to the CTI list, and I got bit by autocomplete.

        From: <cti-taxii@lists.oasis-open.org> on behalf of Mark Davidson <mdavidson@soltra.com>
        Thursday, January 7, 2016 at 11:28 PM
        "cti-taxii@lists.oasis-open.org" <cti-taxii@lists.oasis-open.org>
        [cti-taxii] TAXII Materials Submission - TAXII Pre-Draft spec


        Please find attached the TAXII 2.0 pre-draft specification. As noted on the TAXII SC list and within the document itself, this document is intended to be a discussion platform and help drive consensus. The quality of the document is a bit uneven – we’d like to kindly request that readers attempt to get the “big picture” first and comment on specific wordings/phrasings second. Notably, if you think “Channels and Collections” are the wrong way to go, that would be a great thing to raise at the F2F.

        Thank you and we look forward to seeing you at the F2F!
        Mark and Bret

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]