OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti] STIX and TAXII question

Bret Jordan wrote this message on Fri, Dec 08, 2017 at 18:15 +0000:
> A use case was brought up that a person may want to version an object (ver 1) to remove say TLP:RED content and make a new version (ver 2) be TLP:GREEN. Then you would have the STIX ID foo ver 1 in collection "private" and STIX ID foo ver 2 in collection "public".  I am wondering what others think of this?  Is this a valid use of versioning?  Or should the object be forked with a related-to relationship?  What happens if STIX ID foo ver 1 gets updated?  Does that mean the server then needs to track if the update should be applied to version 2 as well?  If version 2 is Green and version 1 and 3 are RED, does that make things weird for a client?  What happens if a client has access to both "private" and "public" and finds the same object but different versions?  What is the client supposed to do?

I believe we discussed it at a previous F2F, and it was agreed
that a new object would be created.  There are issues where you
do not want the fact that TLP:Red data even exists to leak.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]