The mechanisms for exchanging OpenC2 Request (i.e., command) and Response messages are defined in transfer specifications. The OpenC2 TC has published two transfer specifications as OASIS Committee Specifications, documenting the use of HTTPS and MQTT version 5.0.
Here are links to the currently published specifications:
| At OASIS | At GitHub | |
|---|---|---|
| MQTT | HTML | Markdown |
| HTTPS | HTML | Markdown |
Due to the complexities of establishing certificate-based mutual authentication for HTTPS, MQTT is the preferred transfer protocol for interoperability testing at the CAW. Participants should become familiar with the transfer specification's requirements, especially the topic structure. However, flexibility in the use of topics is also potentially helpful during the plugfest (e.g., if there's a need to create separate communities using a single message broker) so configurability is a desirable feature when implementing MQTT for OpenC2.
MQTT is a message transfer protocol standardized under OASIS. The MQTT Transfer Specification uses MQTT version 5.0, as features added in that version of the protocol address OpenC2 needs. The HiveMQ website has an excellent collection of material about MQTT, addressing both versions 3.1.1 and 5.0.
HII has established MQTT and OpenDXL message brokers on Google Cloud Platform. Details for how to access those brokers will be published here soon.
Connection process:
DoD has established a device information and security attribute repository on Amazon Web Services.
Connection process: