OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-cybox message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-cybox] vocabulary items in cybox network extensions

>> The general rule should be to use standard vocabularies as they are defined by the authoritative source, rather than changing them to suit our preferences.

Agreed.

As far as IPFIX and the like, that’s a good point. We do already allow for preserving case in some dictionaries, such as the environment_variables property on the Process Object. Therefore, since we use dictionaries as a way of capturing properties that we don’t formally define in our data model, perhaps we should just allow the names of all dictionary keys to take on their original, case-preserved value?  

Regards,
Ivan

On 8/31/16, 9:59 AM, "cti-cybox@lists.oasis-open.org on behalf of Kemp, David P" <cti-cybox@lists.oasis-open.org on behalf of dpkemp@nsa.gov> wrote:

>Touche.   In the patched version, receivers would accept vocabulary items only in the exact form defined by the authoritative source.
>
>Cybox should still reference or copy authoritative vocabularies verbatim rather than copy-modify-pasting from them.
>
>Regards,
>Dave
>
>
>-----Original Message-----
>From: Trey Darley [mailto:trey@kingfisherops.com] 
>Sent: Wednesday, August 31, 2016 11:49 AM
>To: Kemp, David P <dpkemp@nsa.gov>
>Cc: OASIS CTI TC CybOX SC list <cti-cybox@lists.oasis-open.org>
>Subject: Re: [cti-cybox] vocabulary items in cybox network extensions
>
>On 31.08.2016 15:37:31, Kemp, David P wrote:
>> 
>> The IETF approach is to be strict in what is sent and liberal in what 
>> is received.
>> 
>
>Postel's Principle considered harmful...
>
>Patched version
>===============
>
>* Be definite about what you accept.
>
>* Treat valid or expected inputs as formal languages, accept them with
>  a matching computational power, and generate their recognizer from
>  their grammar.
>
>* Treat input-handling computational power as a privilege, and reduce
>  it whenever possible.
>
>--
>Cheers,
>Trey
>++--------------------------------------------------------------------------++
>Kingfisher Operations, sprl
>gpg fingerprint: 85F3 5F54 4A2A B4CD 33C4  5B9B B30D DD6E 62C8 6C1D
>++--------------------------------------------------------------------------++
>--
>"In any dispute the intensity of feeling is inversely proportional to the value of the issues at stake." --Sayre's law

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]