[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] RE: STIX 2.0 Specification Questions
Jason Keirstead wrote this message on Fri, Aug 12, 2016 at 11:03 -0300: > For the record - I agree with Allan on this. We should not be attempting to > define when someone should version an object. This is up to the tool > implementer / producer of the intel and is highly context-specific (we will > never get it right). I agree that we cannot define when somone should version an object. I'm just saying that we shouldn't break versioning because someone's new "version" of an object conflicts w/ a relationship. Either they should have created a different object, OR they could have revoked the relationship before/at same time, as the new object... What happens when someone revisions COA or something, and then deploys an Indicator that references it? If we allow a free for all on which version of the object is used, that really creates confusion on the producer for what the consumer will use/see. This could actually hamper people from using versioning. Oh, they are using a product that is known not to work w/ versioning, so instead of versioning an object, we'll just always create new objects, etc. Maybe this more should be in an implementors guide, but as we don't have a document where we can put this information, where else are we going to put it? -- John-Mark
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]