[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] STIX and TAXII question
Bret Jordan wrote this message on Fri, Dec 08, 2017 at 18:15 +0000: > A use case was brought up that a person may want to version an object (ver 1) to remove say TLP:RED content and make a new version (ver 2) be TLP:GREEN. Then you would have the STIX ID foo ver 1 in collection "private" and STIX ID foo ver 2 in collection "public". I am wondering what others think of this? Is this a valid use of versioning? Or should the object be forked with a related-to relationship? What happens if STIX ID foo ver 1 gets updated? Does that mean the server then needs to track if the update should be applied to version 2 as well? If version 2 is Green and version 1 and 3 are RED, does that make things weird for a client? What happens if a client has access to both "private" and "public" and finds the same object but different versions? What is the client supposed to do? I believe we discussed it at a previous F2F, and it was agreed that a new object would be created. There are issues where you do not want the fact that TLP:Red data even exists to leak. -- John-Mark
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]