[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] IDs with uuidv5 too
As the original proposer of opening up flexibility to UUIDv5, I'd like to point out a simple solution that was part of the original proposal: prefix the seed with your Namespace (e.g., my company.com, cyberdivision1.my company.com) All we are asking for is removing the MUST constraint to UUIDv4. Since the version numbers are encoded in the UUID (and therefore testable for compliance), the UUIDv4 constraint prevents other means of generating UUID that would provide value to many in the community. The only functional STIX Requirement is that these UUIDs be unique. If we were to codify the use of organization namespaces as the prefix to any UUIDv5, we have a very low probability of collisions. Patrick Maroney Principal Engineer - Data Science & Analytics Wapack Labs LLC (609)841-5104 On May 22, 2017, at 5:22 PM, Terry MacDonald <terry.macdonald@cosive.com> wrote: Hi Jason, It can't result in collisions if every vendor uses a different starter uuid. If you produce two UUIDv5 outputs, use a different starter uuid for each one yet use the same internal primary identifier each, you will still get two different UUIDv5 outputs. My proposal goes even further than requiring different starter UUID's for each vendor, as I suggest we require each vendor to have their own different start UUID's for each type of object that they create. This makes the 'nsmespaces' even smaller, reducing the chance of collisions even further. My proposal removes the requirement for vendors to make structural changes to their internal databases in order to bolt-on STIX support. They also don't need to sort and additional massive lookup table as you have done. I've heard from a few vendors that this is how they are doing it already internally. I figured that if it's already being done then maybe it's a need that's currently missing from the standard. Hence my proposal. I'd much rather have this officially allowed as an option for generating IDs rather than people doing it 'illegally'. Cheers Terry MacDonald Cosive On 23/05/2017 00:24, "Jason Keirstead" <Jason.Keirstead@ca.ibm.com> wrote:
|
Attachment:
signature.asc
Description: Message signed with OpenPGP
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]