Thanks for posting this, Ivan. +20 for refactoring Addresses!
Two thoughts:
1. IPv4 and IPv6 are mutually-exclusive data formats. Why can't we just have one generic "ip_address" object that accepts data in both formats? The client will have to validate the data anyway, so let the client figure out whether it has an IPv4 or IPv6 address.
2. Let's get rid of the netmasks entirely and just have one generic CIDR object (for both IPv4 and IPv6). If someone has a netmask they want to share, make them convert it into CIDR first. The logical transformation between netmask and CIDR is lossless, so there's no worries there. It's an easy conversion, and there's already code for it:
https://python-iptools.readthedocs.org/en/release-0.5.0/#iptools.netmask2prefixJSA
________________________________________
From:
cti-cybox@lists.oasis-open.org <
cti-cybox@lists.oasis-open.org> on behalf of Jerome Athias <
athiasjerome@gmail.com>
Sent: Tuesday, October 27, 2015 12:47 PM
To: Kirillov, Ivan A.
Cc:
cti-cybox@lists.oasis-open.orgSubject: Re: [cti-cybox] CybOX 3.0: Address Object Refactoring
Does this make sense or not?
Yes
Which of the options around IP Address specification (option 1 or
option 2) do you prefer?
Option 2 (Note that simple regexs would avoid the 'Version issue' anyway)
Do you agree with using CIDR notation as the only supported syntax for
IP addresses?
Ok for me
Do you think we need other Objects for capturing ATM address and net masks?
I would say no
2015-10-27 19:35 GMT+03:00 Kirillov, Ivan A. <
ikirillov@mitre.org>:
All,
Trey and I have been busy thinking about some ideas around refactoring
related to CybOX 3.0. The first idea we’d like to propose to you is around
the refactoring of the Address Object into more atomic entities (as
discussed in some of the GitHub issues):
https://github.com/CybOXProject/schemas/wiki/CybOX-3.0:-Address-Object-Refactoring
Let us know your thoughts! In particular we’d love to know:
Does this make sense or not?
Which of the options around IP Address specification (option 1 or option 2)
do you prefer?
Do you agree with using CIDR notation as the only supported syntax for IP
addresses?
Do you think we need other Objects for capturing ATM address and net masks?
Regards,
Ivan and Trey
---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail. Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php