OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-cybox message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: CybOX 3.0: File Object Refactoring

Real fast drive-by opinions:


File names and paths are annoying. Python makes them so much easier by saying, "Meh, whatever. Just use slash (/) on all OSes, and be happy." I'd vote for that, though my Windows-only friends might find that a hard pill to swallow. (Once I got over that myself, it made a ton of sense.)


I'd also like to find a way to consolidate full path and components, so we have one way to match the right file. Maybe file glob notation is good, ala git's "**/folder/file.ext".


The "components" list doesn't make it clear when a file path begins with a "/".


The "file extension" concept is antiquated. Yes, it's used by Windows and sometimes other OSes to determine file type, but these days we have the Magic Number and MIME Type guessers. So, I'm all for just including whatever ".xyz" in with the full file path. And maybe, adding Magic Number and/or MIME Type to better describe the stuff inside the file.


JSA

From: cti-cybox@lists.oasis-open.org <cti-cybox@lists.oasis-open.org> on behalf of Kirillov, Ivan A. <ikirillov@mitre.org>
Sent: Thursday, November 19, 2015 12:20 PM
To: cti-cybox@lists.oasis-open.org
Subject: [cti-cybox] CybOX 3.0: File Object Refactoring
 
All,

As Trey mentioned in his previous email, we’ve been thinking about how to refactor and fix the issues associated with the File Object (and its subclasses). Accordingly, we’ve put together a page that outlines the existing issues and our ideas on addressing them: https://github.com/CybOXProject/schemas/wiki/CybOX-3.0:-File-Object-Refactoring
CybOXProject/schemas
schemas - CybOX Schemas and Schema Development


We’ll be discussing this during today’s call, but we’d love to get your input here (and/or on Slack) as well – generally on your feelings with regards to these changes, but also on:
  • Are there any other issues with the File Object and its subclasses that we’re missing?
  • Does the concept of domain-specific/context-specific extension points make sense?
    • Are there any other default extensions that we should be adding?
    • Are there any other properties for the default extensions that we should be adding?
Also, we’d like to highlight that we’re still thinking through some of the implications of this approach (how to manage/version/update extensions, etc.), so consider this a living document.

Regards,
Ivan and Trey

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]