OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti] slides from the call today

Hi Brett, some comments on the slides

- I have a concern that many of the items identified as "long term needs" are actually needs products have in the market place right now, and lack of them are prohibiting actual adoption of TAXII as a primary information exchange protocol. I do not think an extremely basic feature such as "find HeroRat" (ie global string match inside properties) or "find threats related to" are long term features; they are vital if we want anyone to be able to use TAXII as a protocol to talk to a repository.

- I have concerns that if the focus is only on the things in the "short term" section, without considering these things in the "long term" section (which, as I said above, IMO are not actually long term), then we could paint ourselves into a corner by not designing a consistent mechanism that works for both things, then we end up with N different inconsistent ways to do queries.

- In general - the massive complexities of this work I think belong in something like an Extension process whereby they can be worked and iterated on independently of the spec, with proven working code and implementations backing up every decision as it is made, vs. writing spec and hoping to write code to match it later. We have had a TAXII Query working group for 6 months ( #taxii-query),  but have had little participation in it from the TC. I would prefer we iterate on this inside that working group, and get something concrete, vs doing it on working calls and making decisions without code, which I think is very dangerous given the subject matter.

Jason Keirstead
Lead Architect - IBM Security Cloud

"Things may come to those who wait, but only the things left by those who hustle." - Unknown

From:        Bret Jordan <Bret_Jordan@symantec.com>
To:        "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
Date:        07/03/2018 07:00 PM
Subject:        [cti] slides from the call today
Sent by:        <cti@lists.oasis-open.org>

Here are the sides from today's call..  Action items are:

1) Make sure that the list of features (near-term and long-term) is complete and they meet the needs that you are aware of (this is not to say that we will do all of them right now, or at all, just that the list is complete)

2) Please add any gotchas or caveats that we need to be mindful of in relation to each feature

3) Identify which features need to be done now (2.1) versus features that can be done later (2.2+)

My goals are to get high level agreement first on the master list of features and second when we should be doing them.  Once we have that, we can talk about design ideas and implementation strategies.


[attachment "2018-06-03_TAXII Working Call.pdf" deleted by Jason Keirstead/CanEast/IBM]
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]