[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Playing the "simpleton's advocate": how much complexity can we throw overboard?
STIX needs to become actionable in a M2M context. Yes, at some point in the life cycle the CTI will be bubbled up to a Human, and each organization WILL have a different appetite for when that will take place. Think of all the APPs I want written on the various APP stores... They will all interact with the data at some point. However, each of the applications will need to "do" things with the data before it gets on the UI. In regards to Profiles, I can agree in the most general and high level concept. However, the way profiles are done today, they are effectively un-useable and do not scale. To quote Aharon out of context as he was talking about discovery in TAXII land, it would be nice if profiles in a STIX state machine worked as simply as: EHLO taxii.example.com VERSION 1.2 STARTTLS 1.2 READY TO STARTTLS We keep hearing profiles, profiles, profiles as the way to solve all the things that are broken. But I am not sure the bandaid of profiles will hold. And in fact, profiles will probably need to end up being YACS (yet-another-cit-standard) with its own markup. I just do not see how profiles are going to really work in code. I get how they "should" work in theory and the idea behind them is a great concept. But they are not a good practical solution, at least not yet. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]