oasis-tcs / cti-taxii2

OASIS CTI TC: An official CTI TC repository for TAXII 2 work
https://github.com/oasis-tcs/cti-taxii2

Provide TAXII client implementation and version within HTTP requests #86

Closed marlontaylor closed 5 years ago

marlontaylor commented 5 years ago

Currently

The TAXII specification does not specify a way for TAXII clients to provide their implementation and version to a TAXII server.

Suggestion

Update the TAXII specification to include the TAXII client implementation and version within the User-Agent HTTP header (preferably as a MUST within the TAXII/Interoperability spec).

Background

Sharing of TAXII client information (e.g. implementation, version) is not specified within the specification, leaving TAXII server admins without a standardized way to troubleshoot issues specific to TAXII client implementations and/or versions. TAXII client information can be shared out-of-band (e.g. forms, email), but out-of-band communication requires additional coordination to ensure the TAXII client information is up-to-date (e.g. annual review) and doesn't ensure the information is accurate between out-of-band communications.

By using the User-Agent (or other appropriate HTTP header) to include the TAXII client implementation and version, TAXII server admins have the real-time ability to identify and troubleshoot issues across TAXII client implementations and/or versions.

Scenario

Suggested improvements in bold.

  1. TAXIIclient_A admin uses TAXIIclient_Implementation/9.0 and reports an issue to the TAXIIserver_B admin OR TAXIIserver_B admin notices a common issue across all instances of TAXIIclients using TAXIIclient_Implementation/9.0 and reports the issue to TAXIIclient_A admins/vendor.
  2. TAXIIserver_B admin and TAXIIclient_A admin/vendor determine there are some needed changes within TAXIIclient_A TAXIIclient_Implementation/9.0.
  3. TAXIIclient_A TAXIIclient_Implementation/9.2 is released, which addresses the issue within TAXIIclient_Implementation/9.0.
  4. TAXIIserver_B admin informs existing instances of TAXIIclient_Implementation/9.0 about the known issue and fix within TAXIIclient_Implementation/9.2.
  5. As new HTTP requests using TAXIIclient_Implementation/9.0 are received (e.g. new users to the TAXIIserver_B OR existing users trying a different implementation), the TAXIIserver_B admin can reach out to the TAXIIclient_Implementation/9.0 TAXIIclient admin to inform them of the unknown issue and fix within TAXIIclient_Implementation/9.2.

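
The server-side half of the scenario above, as an added example that is not part of the original issue or of any TAXII implementation: it parses User-Agent product tokens (RFC 7231 `name/version` syntax) from request records and lists which accounts are still sending `TAXIIclient_Implementation/9.0`. The record layout, account names and request paths are constructed for illustration.

```python
import re
from collections import defaultdict

# RFC 7231 product token: name "/" version, using the HTTP "token" character set.
PRODUCT = re.compile(r"([!#$%&'*+.^_`|~0-9A-Za-z-]+)/([!#$%&'*+.^_`|~0-9A-Za-z-]+)")
COMMENT = re.compile(r"\([^()]*\)")  # parenthesised comments (non-nested) are not products

def products(user_agent):
    """Return [(name, version), ...] from a User-Agent value; [] if none parse."""
    return PRODUCT.findall(COMMENT.sub(" ", user_agent or ""))

def clients_on(requests, name, version):
    """Map each authenticated account to the request paths it sent with name/version."""
    hits = defaultdict(list)
    for account, path, user_agent in requests:
        if (name, version) in products(user_agent):
            hits[account].append(path)
    return dict(hits)

def unidentified(requests):
    """Accounts whose requests carried no parsable product token at all."""
    return sorted({acct for acct, _, ua in requests if not products(ua)})

# Constructed sample: (account, request path, User-Agent header value).
SAMPLE = [
    ("org-a", "/taxii2/", "TAXIIclient_Implementation/9.0 (Linux x86_64) python-requests/2.31"),
    ("org-b", "/api1/collections/", "TAXIIclient_Implementation/9.2"),
    ("org-c", "/api1/collections/", "TAXIIclient_Implementation/9.0"),
    ("org-d", "/taxii2/", ""),  # header missing or empty
    ("org-e", "/taxii2/", "Mozilla/5.0 (compatible; Tool/9.0)"),  # 9.0 only inside a comment
]

if __name__ == "__main__":
    print(clients_on(SAMPLE, "TAXIIclient_Implementation", "9.0"))
    print(unidentified(SAMPLE))
```

User-Agent is client-supplied and unauthenticated, so the result is a troubleshooting hint to pair with the authenticated account, not an input to access decisions.
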
gtback commented 5 years ago

It sounds like we really just need to recommend (in the spec) and potentially require (in the interoperability spec) the use of User-Agent. There's nothing prohibiting implementers from doing this already, I don't think. If that's all that's involved, I'm 👍.

I would generally be against adding any new fields to any TAXII data types (which I don't think is what you're suggesting, @marlontaylor).

jordan2175 commented 5 years ago

I added some text in sections 3.2, 8.2.1 and 8.4.1 to address this.