OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti] Open Question to the CTI Community

I love your analogies.... I think there are very divergent camps in regards to what these three technologies should actually do.  And I think if you were to poll the core people that routinely contribute or are heavily vested in this technology, you would get wildly different answers.  

Some just want CybOX and STIX to be the idea for communicative thought, an abstract high level UML/OWL data model.  Others want it to be french with latin characters that are 12 pt font used on A4 paper.  And even others want it to be a polished system that actually does something.  

In regards to TAXII, it can be as you said, just dumb plumbing like the post office, or it can be a little more advanced like FedEx, or it can be the whole thing, like Amazon.  Obviously there should be one way of doing things, but that does not mean every person that deploys TAXII needs to be an Amazon...  Some might just want to be a Post Office or a Fedex.  One thing to point out, if TAXII does not define how to do the Amazon work, then that functionality needs to move to STIX and CybOX or some other subcommittee.  It has to live somewhere.

So I agree with you...  We need to decide what STIX, CybOX, and TAXII are going to be when they grow up. 


Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." 

On Aug 18, 2015, at 14:34, Patrick Maroney <Pmaroney@Specere.org> wrote:

Caveat: Please do not infer any negative connotations in the folllowing.  I no doubt have my views on the matter***, but do not assert anything here other than the suggestion that we really should sort out these fundamentally different perspectives out and get consensus.

There seem to be two distinct camps of thought:

(1) CybOX is  'just a language', STIX is an "Envelope/Box" that can be used to address/package letters, poetry, written, books, magazines, produced in this language, and TAXII is the means to deliver said packages (e.g. Postal Service, FedEx, etc.)

(2) All of these combined somehow form an information repository (how things are racked, stacked, and found in the warehouse) and TAXII is the "Amazon".

These are somewhat flawed analogies, but hopefully my point is clear.

So is TAXII the just Transport?....or the Warehouse, Transport, and Order Processing system?

Patrick Maroney
Integrated Networking Technologies, Inc.
Desk: (856)983-0001
Cell: (609)841-5104
Email: pmaroney@specere.org

*** I do have a strongly held bias that externally facing/exposed TAXII Gateways should only hold ephemeral data as long as is required to reliably "ship the package".

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]