Thanks Jason. This is why I wrote that text as a starting point, so that it would drive discussion. I will work on refining that text based on your feedback.
Bret
Sent from my Commodore 64
PGP
Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
On May 25, 2018, at 6:41 PM, Jason Keirstead <
Jason.Keirstead@ca.ibm.com > wrote:
My $0.02 - I don't really like that text.
It might as well say "The results of a DELETE are undefined".
Why bother adding it to the standard, if people can just do anything with it.
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security "Things may come to those who wait, but only the things left by those who hustle." - Unknown
From: Bret Jordan <
Bret_Jordan@symantec.com >
To: "
cti-taxii@lists.oasis-open.org " <
cti-taxii@lists.oasis-open.org >
Date: 05/25/2018 06:04 PM
Subject: [cti-taxii] Preparing for WD03
Sent by: <
cti-taxii@lists.oasis-open.org >
All,
The editors (Drew and I) are just about done incorporating all of the suggestions from WD02. There are two sections specifically I would like to call your attention to:
1) 5.7 Delete an Obejct
This endpoint defines how a client can request that the server delete an object from a collection. NOTE: this is not a STIX Revoke. This is just simply removing the existence of an object or version of an object from a collection.
Some text I would like to really consider is: " When a TAXII Server deletes an object from a collection, it MAY remove it just from that collection or remove it from all collections and any internal
store."
We also need to make sure we have the HTTP Status Codes right for this DELETE endpoint.
2) 5.8 Get Object Versions
This endpoint allows a client to easily just get the versions of an object that the server has. This is a very simple endpoint. But please review.
Thanks
Bret