Stix Difficulties: Interoperability is difficult if custom vocabularies are allowed

[terrymacdonald]

PROBLEM

Default Vocabularies aren't expressive enough to accurately describe what producers want. For this reason we expect that producers will want the ability to use customer vocabularies. The problems with using custom vocabularies is that it becomes difficult for receiving implementations to processing them.

POTENTIAL ANSWER

In order to improve interoperability of solutions from different vendors, we need a way of ensuring a standard set of vocabularies. This can be achieved in two different ways.

• Only have a single, official, centrally controlled default vocabulary. Make sure that it is extremely easy to request additional vocabulary entries, and make sure that updates are automatically distributed to vendors. The vocabularies MUST be able to be distributed independently of updates to STIX, CybOX and TAXII.
• Have a high-level official, centrally controlled default vocabulary, and allow producers to provide their own externally referenceable custom vocabulary (housed at a reachable URI) if they wish. Doing things this way ensures that there is the high-level 'fallback' vocabulary available if the consumer doesn't have the ability to contact the publically reachable custom vocabulary URI