The below link is the National Vulnerability Database XML mapping that major security vendors use, including my old company IBM ISS.
http://nvd.nist.gov/download.cfm#CVE_FEED
Basically, NVD (through a committee decision) has decided to use XML mapping to describe vulnerabilities and the various platforms they affect. Security vendors would then import this information into their databases and map them to their own security vulnerability records.
It's confusing, I know, but the bottom line is sometimes a third party (such as the government in this case) forces companies to read, manipulate, and use XML data. So if you're in the anti-XML camp, sometimes outside influences box you into a corner and you have no real choice. Bummer, eh Phil? :)
Blog Votes and Statistics
14 years ago
Totally agree! If the tone is set by the top, you won't be able to escape from it. Can someone in the class find a universal language resolving all these problems in the future? Mike. :)
ReplyDeleteXML is the universal language that is solving all these problems! Don't listen to Phil, he's totally biased against XML beyond reason.
ReplyDeleteSo the reason to use XML is because you have no other choice... Wonderful argument.
ReplyDeleteIf someone is giving you something, and say that is your only choice, that isn't a confusing, you have only one choice.
Wouldn't my argument have been to ask this NVD why they chose XML. If they don't have a good reason, or just decided to do it because everyone else is, then, as I said in the presentation, they are part of the problem: Blind decisions that force downstream developers to go WTF? and suffer.
If there is a person who has only heard of XML, don't know what an alternative to XML even is, or have ever used a different format, then I would believe that person is who I would say is biased, and shouldn't be listened to.
I agree with Phil. Throwing your hands up in the air due to standards that are enforced by third parties doesn't really address the original question which makes the assumption that you are the decision-maker in whether to use XML or not.
ReplyDeleteFor example, just because I have to use IE for workplace applications doesn't mean it is a superior browser, at least in my eyes (*cough* IloveChrome *cough*)
Mike sounds like Pontius Pilate over here, 'wash my hands of XML, I have no choice!'
XML was chosen after months and months and months of back and forth discussion board discussion. I followed that committee group think and even made a few suggestions. Once that bunch of industry people made a decision, there was so much buy-in to XML there was no changing it no matter what.
ReplyDeleteWith that said, I found XML easy to connect to for our purposes. But groupthink sucks.