[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Ballot results: Object Markings
|
All, The ballot for object markings closed, and the result was that the ballot failed and therefore we will
not move the Object Markings text to consensus:
https://www.oasis-open.org/committees/ballot.php?id=2947 That said, we got a lot of great comments that mostly followed the same theme: rather than rejecting the fundamental approach for doing markings, they were suggestions to change/remove most of the normative
requirements saying what consumers and producers have to do with data markings. So in an effort to move things forward a bunch of people who commented and voted no got together (along with me) and we put together updated text that should hopefully achieve
consensus. The new text is copied below and in the playground here:
https://docs.google.com/document/d/1wiG6RoNEFaE2lrblfgjpu3RTAJZOK2q0b5OxXCaCV14/edit#heading=h.f3dx2rhc3vl Can everyone please review this and let us know if it resolves your comments? I know there were also comments about not doing markings by reference, but I only saw 2 of them and so I don’t think that makes
it worth re-doing our marking approach. I’d like to give people a couple days to review this and then have another ballot to accept the text as consensus. Thanks, John ---
6.5. Object-Level Markings
Data markings provide the ability to mark data in STIX, typically to represent restrictions and permissions for how that data can be used and shared. For example, data may be
shared with the restriction that it not be re-shared, or that it must be encrypted at rest. Object-level data markings define how markings are applied to TLOs. Object-level markings are contained in the
object_marking_refs field, which is an optional list of ID references (of type
identifier) that resolve to objects of type
marking-definition. The markings referenced by the
object_marking_refs field and defined in the
marking-definition object apply to that TLO and all of its fields.
6.5.1. Precedence Some types of marking definitions have rules about precedence. If the marking definition defines these rules, markings appearing earlier in the list have precedence over those
appearing later. For example, a TLP marking appearing as the first element in the list has precedence over a TLP marking appearing as the second element.
6.5.3. Examples This example marks the indicator with the marking definition referenced by the ID. { "type": "indicator", "id": "indicator--089a6ecb-cc15-43cc-9494-767639779235", ... "object_marking_refs": ["marking-definition--089a6ecb-cc15-43cc-9494-767639779123"], ... } |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]