[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Results of today's CTI working call on the topic of refactoring "sources"
Comments inline below
Bret, what can we do to help you understand and feel more comfortable with this?
sean
From: "Jordan, Bret" <bret.jordan@bluecoat.com>
Date: Tuesday, February 9, 2016 at 7:24 PM To: "Barnum, Sean D." <sbarnum@mitre.org> Cc: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> Subject: Re: [cti] Results of today's CTI working call on the topic of refactoring "sources"
I can agree with items 1 and 2. But I do not yet agree with item 3. I am curious to know how it is a consensus proposal.
[sean]Item 1 has been widely discussed on the lists and at the F2f for quite a while and seems to have universal consensus (I don’t recall ever hearing anyone disagree with it).
Item 2 is somewhat new. It has consensus among the players who have been actively working on developing proposals for these issues and often do so from different perspectives (myself, John Wunder and I believe Terry). The intent of putting out the
revised proposal last week and talking about it on the call yesterday was to see if we could get broader consensus. My impression on the call was that specific details needed worked out but the high-level proposal seemed to have pretty good general consensus.
Item 3 is the topic of source referencing which has been talked about for a couple of months now. The two “strawman” proposals going into the F2F took different approaches on this (one using Relationships and the other using an embedded reference
for “producer” relationships). There really did not seem to be a lot of consensus between these two approaches at first but after a lot of discussion and exploration I think that the two sides realized that all non-producer sources would need to use Relationships
anyway and that having an embedded reference for “producer” did not preclude a Relationship being asserted for it as well to align with all the other source relationships. This led to a consensus among the two sides that the hybrid approach proposed here makes
the most sense. We still have details to work out but it also sounded like this had pretty good consensus support on the list, slack and the call from Sarah, Paul, Jason, Marlon and others. I don’t recall anyone other than yourself raising objections or concerns
on the high-level proposal. As I said, we still have details to work out though.
**If I have misunderstood anyone’s opinions and mischaracterized them here please feel free to correct me.**
For item 3, some of it makes sense, and other parts seem a bit complicated and non-intuitive.
[sean]From my perspective it is actually simpler due to consistency and it appears to align very well with the way that real world analysts think about and relate these things.
Thanks,
Bret
Bret Jordan CISSP
Director of Security Architecture and Standards | Office of the CTO
Blue Coat Systems
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]