[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Thoughts on STIX and some of the other threads on this list [formats discussion]
I think your points 1-8 are valid and we should really try and get this done, sooner rather than later... On your point about forcing the standards to all have the same MTI, I am not sure I fully agree... I think it is important that STIX and CybOX do the same thing for sure. But I do not see any rational for forcing TAXII to do the same thing, other than it being a mandate. Now, do not get me wrong, if they all end up doing the same thing than that would be great. But there is no real requirement for that. TAXII as a protocol and not a language like STIX, needs to be able to adapt more quickly to changes in networking technologies or transport needs. For example, as HTTP/2 becomes more main stream, we may need to do things different in TAXII and that needs to be independent of needing to make changes for STIX/CybOX. There needs to be a separation there. So TAXII 2.0 might be, for example JSON and TAXII 3.0 might be Binary. TAXII really needs to be able to adapt to what is best for the transport of the data over the network and STIX and CybOX need to adapt to what is the best for the tools and programs that will be displaying and using the data. So it would be great if they were the same, but I do not see a requirement that they MUST be the same. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]