search

oasis-tcs / cti-taxii2

OASIS CTI TC: An official CTI TC repository for TAXII 2 work
https://github.com/oasis-tcs/cti-taxii2
Other
9 stars 4 forks source link

Expand status-details to include version property #79

Closed marlontaylor closed 6 years ago

marlontaylor commented 6 years ago

Currently

The status-details represents an object that was added, is pending, or not added to the Collection. It contains the id of the object and a message describing any details about its status.

Suggestion

The status-details should contain a required 'version' property. For STIX objects the version MUST be the STIX Object modified value.

Background

See current example response:

HTTP/1.1 200 OK
Content-Type: application/taxii+json;version=2.1

{
  "id": "2d086da7-4bdc-4f91-900e-d77486753710",
  "status": "pending",
  "request_timestamp": "2016-11-02T12:34:34.12345Z",
  "total_count": 4,
  "success_count": 1,
  "successes": [
    {
      "id": "indicator--c410e480-e42b-47d1-9476-85307c12bcbf"
    }
  ],
  "failure_count": 1,
  "failures": [
    {
      "id": "indicator--c410e480-e42b-47d1-9476-85307c12bcbf",
      "message": "Unable to process object"
    }
  ],
  "pending_count": 2,
  "pendings": [
    {
      "id": "indicator--252c7c11-daf2-42bd-843b-be65edca9f61"
    },
    {
      "id": "relationship--045585ad-a22f-4333-af33-bfd503a683b5"
    }
  ]
}

The status-details does not provide the means to determine the "version" of object within the response, which requires additional work on the recipient to take action. Notice in the example above indicator--c410e480-e42b-47d1-9476-85307c12bcbf is located in both the successes and failures properties. Without support for specifying the object version the receiver of the status-details will not be able to address failures when multiple versions of the same object are submitted.

See suggested example response:

HTTP/1.1 200 OK
Content-Type: application/taxii+json;version=2.1

{
  "id": "2d086da7-4bdc-4f91-900e-d77486753710",
  "status": "pending",
  "request_timestamp": "2016-11-02T12:34:34.12345Z",
  "total_count": 4,
  "success_count": 1,
  "successes": [
    {
      "id": "indicator--c410e480-e42b-47d1-9476-85307c12bcbf" ,
      "version": "2018-05-27T12:02:41.312Z"
    }
  ],
  "failure_count": 1,
  "failures": [
    {
      "id": "indicator--c410e480-e42b-47d1-9476-85307c12bcbf",
      "version": "2018-05-28T14:03:42.543Z",
      "message": "Unable to process object"
    }
  ],
  "pending_count": 2,
  "pendings": [
    {
      "id": "indicator--252c7c11-daf2-42bd-843b-be65edca9f61",
      "version": "2018-05-18T20:16:21.148Z"
    },
    {
      "id": "relationship--045585ad-a22f-4333-af33-bfd503a683b5",
      "version": "2018-05-15T10:13:32.579Z"
    }
  ]
}
jordan2175 commented 6 years ago

We discussed this on the working call on 2018-05-29, and the unanimous consensus was to make this change. A row was added to the status-details object that included a "version" property that is required. The description for that property is:

The version of the object that succeeded, is pending, or failed to be created. For STIX objects the version MUST be the STIX modified timestamp Property. If a STIX object is not versioned (and therefore does not have a modified timestamp) the created timestamp MUST be used.

The description for the status-details object itself also changed, it now reads:

This type represents an object that was added, is pending, or not added to the Collection. It contains the id and version of the object along with a message describing any details about its status.

jordan2175 commented 6 years ago

The description for the status resource also needed to be updated. The last paragraph now reads:

The list of objects that failed to be added, are still pending, or have been successfully added is a simple type that contains the identifier of the object (e.g., for STIX objects, their id), its version, and an optional message indicating additional details.