OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: STIX 2.0 Specification Questions


Well said Greg!

 

It’s what I have been trying to say (in my muddled way) for the past few days (see my last email).

 

I vote for this replacement sentence!!

 

From: Back, Greg
Sent: Thursday, August 11, 2016 11:08 AM
To: Piazza, Rich <rpiazza@mitre.org>; Wunder, John A. <jwunder@mitre.org>; cti-stix@lists.oasis-open.org
Subject: RE: STIX 2.0 Specification Questions

 

I wonder if what really bugs me is the passive nature of that sentence.

 

Would it be better to say:

“If a consumer has received multiple versions of an object, the consumer MUST interpret any references to that object as referring to the latest version they have received.”

 

I still think SHOULD is better, in the RFC 2119 sense of “there may be valid reasons not to do X, but make sure you understand the full implications before not doing X”. If a consumer wants to use an older version (for instance, they no longer trust new information from the object creator), do we really want to consider them non-conformant?

 

I also think that the “MAY” in the third sentence quoted is not a RFC 2119 “MAY”, but should just be “may”.

 

Greg

 

From: Piazza, Rich
Sent: Thursday, August 11, 2016 8:49 AM
To: Back, Greg <gback@mitre.org>; Wunder, John A. <jwunder@mitre.org>; cti-stix@lists.oasis-open.org
Subject: RE: STIX 2.0 Specification Questions

 

I am uncomfortable with not using a MUST in that sentence.  But I could live with a SHOULD.  I would be against taking the sentence out entirely.

 

From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Back, Greg
Sent: Wednesday, August 10, 2016 5:32 PM
To: Wunder, John A. <jwunder@mitre.org>; cti-stix@lists.oasis-open.org
Subject: [cti-stix] RE: STIX 2.0 Specification Questions

 

I dislike the idea of MUST requirements on how data is to be interpreted. Particularly if receiving a new version of a common object (such that a new version is “available”) requires a change to how existing data is interpreted. SHOULD at most, but I wouldn’t be opposed to removing it entirely.

 

Greg

 

From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Wunder, John A.
Sent: Tuesday, August 09, 2016 4:26 PM
To: cti-stix@lists.oasis-open.org
Subject: [cti-stix] STIX 2.0 Specification Questions

 

Do we need a line in the specification to indicate that ID references between objects MUST always be resolved to the newest version of the object?

 

Right now, we have text in the IDs and References section which says this:

 

ID references resolve to an object when the value of the ID reference property (e.g., created_by_ref) is an exact match with the id property of another object. If an ID reference resolves to an object for which multiple versions exist, the reference MUST be resolved to the latest available version of the object. ID references MAY refer to objects to which the consumer/producer may not currently have. This specification does not address the implementation of ID reference resolution. (https://docs.google.com/document/d/1HJqhvzO35h62gQGPvghVRIAtQrZn3_J__0UcDAj-NXY/edit#)

 

Note the sentence in red. We added that a couple weeks ago because some people felt it was not fully specified to resolve an ID reference to an object…they felt that ID references should implicitly always resolve to the newest version of the object. On the other hand, Allan has said that resolving ID references within a tool is a function of that tool and we should not have normative requirements around it. Some tools may want to resolve it to all versions of an object and show the full history, others may show the newest, etc. His full comment is available in the google doc.

 

So the question is…should that sentence remain in the document? If so, is it a MUST requirement or a SHOULD requirement?



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]