Welcome We’re Mark and Bret; This is the TAXII SC.
-
Upload
darcy-boone -
Category
Documents
-
view
213 -
download
0
Transcript of Welcome We’re Mark and Bret; This is the TAXII SC.
Welcome
We’re Mark and Bret;This is the TAXII SC
TAXII 1.1.1 Update
• Bret and Mark have mostly complete drafts• Other co-chairs have seen drafts• Once DHS Legal approves, will be available to
whole CTI TC for review and comment• Will eventually be submitted for ratification as
an OASIS Standard• Nothing has changed other than Namespaces
and URNs (and document formatting)
Meetings
• This is the kick off meeting• Regular meetings will be held on the second
Tuesday of each month– We can schedule addt’l meetings as necessary
• We haven’t set a time for the first “regular” meeting, but it will be on August 11th
TAXII Subcommittee Goals
• Open, Collaborative, Fast– This includes collaboration across SCs
• Solve what we know• Investigate what we don’t know• Plan For Change– Quick release cycles to support new use cases
• Open door policy (email, IM, Skype): – [email protected]– [email protected]
TAXII 1.x Complaints
• Too much optionality• Lack of single architecture• No defined authentication• No network-level discovery• Unnecessary network traffic• Messages are too big• Let’s take the opportunity to holistically review
TAXII– We think this probably means a major revision
TAXII Goals
• Simplicity– Easy to implement and understand
• One way of doing things– Reduce optional services
• Minimize resource usage– Reduce message size– Only transmit what is necessary
• Scalable performance– Plan for organizations with 50,000+ TAXII clients– Plan for 100 Million messages a day– Address “busy wait” issue with TAXII 1.1
Proposed TAXII Scope
• Sharing within a trust-group– (ex. ISACs / ISAOs)
• Sharing between trust-groups– (ex., FS-ISAC to ICS-ISAC)
• Public sharing• Investigate: Internal sharing– (Device-to-Device)
Open Discussion