slarchacki22
commented
2 years ago https://github.com/opencybersecurityalliance/PACE/pull/49 - discussed in this Issue #49
Open slarchacki22 opened 2 years ago
slarchacki22
commented
2 years ago https://github.com/opencybersecurityalliance/PACE/pull/49 - discussed in this Issue #49
Diagrams "CollectSbomFromDevice" and "CollectSbomFromDevice2" are intended to illustrate a difference between Component and Monolithic PACE. But to the external world PACE must still be an OpenC2 Consumer (for interactions with DM) or OpenC2 Producer (for interactions with ComponentX). In Device2, suggest moving green PAC API to dotted PACE boundary, analogous to PCS boundary in Device, and terminate the green DM interface. The red SBOM interface also terminates at the PACE boundary but not inside the PAC API.
Also suggest using a different color for unspecified/internal interfaces - not red for the URL retrieval and not blue for the internal, perhaps dotted purple or brown, to avoid confusion with blue PAR API.