[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Missing MTI - what to do?
What would you recommend as a strategy in the core CTI TC MTI Specifications for the scenario where some in the CTI want to define an optional binding like JSON-LD? Preferably as part of the normative OASIS CTI TC standards, but if not, as a Cyber Intelligence
Community driven extension to same?
Patrick Maroney
Office: (856)983-0001
Cell: (609)841-5104
President
Integrated Networking Technologies, Inc.
PO Box 569
Marlton, NJ 08053
From: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>, Eric Burger <ewb25@georgetown.edu>
on behalf of Eric Burger <Eric.Burger@georgetown.edu>
Date: Friday, January 29, 2016 at 7:28 AM To: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> Subject: [cti] Missing MTI - what to do? There are only three choices if one is missing or has an odd MTI field:
I would offer we say what we mean. There are two places to do that. The first is in the spec itself. For example, if “id” is missing, I think we would say in the spec the serialization is malformed and return an error (or silently go away). The
second is to tag the transaction, perhaps at the TAXII level, with what you want to have happen. For example, if I have private extensions, I can tag them as something you can freely ignore or drop. Conversely, if I have extensions or optional fields that
you really need to understand to process the message, I can tag them as something that if you do not recognize them, fail the document so I know you do not know.
For an example of this working in email system gateways, see https://tools.ietf.org/html/rfc3459
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]