Hi, Am 19.03.2010 09:11, schrieb Jan-Oliver Wagner:
> What is missing yet is a completed documentation of the OMP protocol
> so that you know about any actions to apply via omp-cli.
I played around with OMP a few days now (and implemented a Python OMP
client library). From my point of view, OMP is inconsistent and not well
designed. I know, there is already quite some software around using OMP
as it is now. So use it this comment as "lessons learned".
Here are some examples:
* Each request defined it's own response element (eg. create-task,
create-task-response). Perhaps there are reasons for that, but
this makes the (server) source more complicated and error frown.
* When creating or deleting e.g. Targets, the name is specified as
element, but when searching, an attribute has to be used.
* The get_* and delete_* commands are quite redundant: they only differ
in the tag name and whether a id attribute or a name tag has to be
used. Something like this would simplify the code:
<delete type="note" name="Some Note" />
<get type="note" name="Some Note" />
* Using "task_id", "report_id", etc. instead id a common "id" does not
add functionality but make the code more compilcated.
* For escalators, the method element is extremely ugly, mixing text
content and child elements:
<method>Email<data><name>to_address</name>[email protected]</data>
This would better we something like
<method type="Email">
end perhaps
<data name="to_address">[email protected]</data>
Just my 2 cent
--
Schönen Gruß - Regards
Hartmut Goebel
Dipl.-Informatiker (univ.), CISSP, CSSLP
Goebel Consult
Spezialist für IT-Sicherheit in komplexen Umgebungen
http://www.goebel-consult.de
Monatliche Kolumne: http://www.cissp-gefluester.de/
Goebel Consult mit Mitglied bei http://www.7-it.de
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Openvas-discuss mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
