cti-comment message


Subject: Re: [EXT] STIX 2.1 WDD05 discrepancies


The hashes issue was discussed on a working call on 8/6 and the overwhelming consensus was to not do anything at this time. 


The other editorial changes have been made and will be included in working draft 06.


Bret



From: Lenk, Chris <clenk@mitre.org>
Sent: Thursday, July 25, 2019 1:41:35 PM
To: Bret Jordan <Bret_Jordan@symantec.com>; Piazza, Rich <rpiazza@mitre.org>
Subject: [EXT] STIX 2.1 WDD05 discrepancies
 

Hello,

 

In reviewing the latest STIX draft for the ballot, I noticed that the description for the hashes property type in section 2.7 still says hashing algorithm names SHOULD come from hash-algorithm-ov but the descriptions of all actual properties using the hashes type say they MUST come from that open vocab. I had made a comment in the doc about this in the interest of consistency, but didn’t double check it when it got resolved.

 

However, to say a value MUST come from an open vocabulary (that can contain anything) seems odd. To me it seems it should either be changed to an enum, or changed to a SHOULD in the descriptions of all properties using the hashes type. When validating STIX content, as currently written we’ll have to treat it like a SHOULD anyways unless it’s changed to an enum.

 

I don’t think this should hold up 2.1, but wanted to bring it up. Apologies for not being able to make it to the working call on the 9th where this was discussed.

 

Also, in section 9.1 the patterning definition of Observation is still defined as represented by Observed Data SDOs, but those are now deprecated.

 

Finally, I found the following minor typos:

  • 4.6.1 indicator.valid_until description first paragraph typo: 'should no longer considered'
  • 4.11.2 malware-analysis relationships table, typo in description for 'malware-analysis characterizes malware': 'is describes'
  • 4.16.2 threat-actor relationships table, typo in description for 'threat-actor impersonates identity': two spaces between 'an' and 'impersonates'
  • 4.18 vulnerability description first sentence has a space before the period, and maybe the period should go inside the quotes
  • 7.1 language-content description first paragraph, last sentence starts with 'Instead...' which doesn't make sense after previous sentence was removed

 

Thank you,

 

Chris Lenk

MITRE
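
The validation point raised in the message above, as an added example that is not part of the original thread and is not code from the STIX specification or any OASIS validator: a checker can only report a hashes key outside an open vocabulary as a warning, while the same check against an enum becomes an error. The vocabulary subset, the structural checks, the function names and the sample object are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed subset for illustration; not copied from the draft under discussion.
HASH_ALGORITHM_VOCAB = {"MD5", "SHA-1", "SHA-256", "SHA-512"}

@dataclass(frozen=True)
class Finding:
    severity: str  # "error" or "warning"
    path: str
    message: str

def check_hashes(obj, vocab=HASH_ALGORITHM_VOCAB, closed=False, path=""):
    """Walk parsed STIX JSON and check every `hashes` dictionary.

    closed=False models an open vocabulary: unknown names can only be warned on.
    closed=True models an enum: unknown names are rejected.
    """
    findings = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            here = f"{path}.{key}" if path else key
            if key == "hashes":
                findings.extend(_check_dict(value, vocab, closed, here))
            else:
                findings.extend(check_hashes(value, vocab, closed, here))
    elif isinstance(obj, list):
        for i, item in enumerate(obj):
            findings.extend(check_hashes(item, vocab, closed, f"{path}[{i}]"))
    return findings

def _check_dict(value, vocab, closed, path):
    # Structural rules here are this example's assumptions.
    if not isinstance(value, dict) or not value:
        return [Finding("error", path, "hashes must be a non-empty dictionary")]
    out = []
    for algo, digest in value.items():
        if not isinstance(digest, str) or not digest:
            out.append(Finding("error", f"{path}.{algo}", "empty or non-string hash value"))
        if algo not in vocab:
            severity = "error" if closed else "warning"
            out.append(Finding(severity, f"{path}.{algo}", f"'{algo}' not in vocabulary"))
    return out

# Constructed sample object: one custom algorithm name, one empty digest.
SAMPLE = {
    "type": "file",
    "hashes": {"SHA-256": "aa" * 32, "x-custom-hash": "bb" * 16},
    "extensions": {"windows-pebinary-ext": {
        "sections": [{"name": ".text", "hashes": {"MD5": ""}}]}},
}
```
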


