[Owasp-data-exchange-format] DEF Strawman characteristics
Martin Holst Swende
martin.holst_swende at owasp.org
Sat Jul 23 12:01:47 EDT 2011
----- Ursprungsmeddelande -----
> I've updated the Strawman tab on the project page (
> https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project#tab=Strawman)
> with some proposed characteristics:
>
> - The format will be JSON (to make it as simple as possible)
great!
> - Products can generate and/or consume DEF
> - Products will be able to generate DEF via a defined REST interface
could you please explain this a bit? Not sure I understand...
> and/or simple files - products can choose
> - Products which consume DEF must support both REST and file options
> - There will be minimal security (but REST based services can limit
> by IP addr)
> - The data model will cover: hosts, ports, sites (host:port), urls,
> issues, requests/responses
How about parameters? E.g if a certain param or field is vulnerable or should be exported as fuzzer-target? Cookies? Perhaps also http header fields.
> - Products can generate a subset of DEF, the level support will be
> described in the DEF
>
> What do you think??
>
> Let me know if I've been too terse!
>
> Simon
sounds good so far! Keep it up!
Regards,
Martin from n900
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-data-exchange-format/attachments/20110723/d2ba01ae/attachment.html
More information about the Owasp-data-exchange-format
mailing list