[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Open Question to the CTI Community
I love your analogies.... I think there are very divergent camps in regards to what these three technologies should actually do. And I think if you were to poll the core people that routinely contribute or are heavily vested in this technology, you would get wildly different answers. Some just want CybOX and STIX to be the idea for communicative thought, an abstract high level UML/OWL data model. Others want it to be french with latin characters that are 12 pt font used on A4 paper. And even others want it to be a polished system that actually does something. In regards to TAXII, it can be as you said, just dumb plumbing like the post office, or it can be a little more advanced like FedEx, or it can be the whole thing, like Amazon. Obviously there should be one way of doing things, but that does not mean every person that deploys TAXII needs to be an Amazon... Some might just want to be a Post Office or a Fedex. One thing to point out, if TAXII does not define how to do the Amazon work, then that functionality needs to move to STIX and CybOX or some other subcommittee. It has to live somewhere. So I agree with you... We need to decide what STIX, CybOX, and TAXII are going to be when they grow up. Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]