Manager component - unclear what it is

[warrenrjwc]

I am unclear on the manager component listed in the latest diagrams https://github.com/opencybersecurityalliance/documentation/blob/dee00b859dd2d1255fa22c05a0817420f6902518/Architecture%20Documents/SACM-container.pdf

It would seem the threat intelligence system and the configuration policy management system would directly query the repository. Can you elaborate on the management component to clarify this?

[adammontville]

This is a good question, and one of the differences between the SCAPv2 architecture and what we've also been working on in IETF SACM. So far, the SCAPv2 community working on this architecture has put the Manager (essentially a posture assessment orchestrator) between any application relying on the and the repository itself.

I think it's probably a good idea to revisit this within the group.

That said, we do have a desire to rely on data for a certain period, and also to recognize when data is no longer reliable (i.e. it's lost its freshness). If we support direct repository interactions, then either the requester would need to handle what to do about stale information (i.e. interact with the Manager to gain fresh information), or the Repository would need to do that on behalf of the requester (i.e. the Repository would interact with the Manager to gain fresh information).