OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-stix] Typo in range of integers

I think it may be the result of a misunderstanding, it came as a result of this comment from the TAB: https://issues.oasis-open.org/browse/TAB-1501. If you look at the JSON spec it calls out that range as the set that allows you to precisely represent the integer, but I think when we got that comment we didn't explicitly make that decision…we just saw that comment with the value, saw it in the JSON spec, and copied it in.

IMO we could just change that to be 63 and it would be fine, unless people feel like it’s important to constrain the range further to avoid being able to represent imprecise integers.

John

On 6/9/17, 8:25 AM, "cti-stix@lists.oasis-open.org on behalf of Back, Greg" <cti-stix@lists.oasis-open.org on behalf of gback@mitre.org> wrote:

    I agree it has the potential to be confusing. I was just trying to recall the explanation for why it was the way it was before we went and changed anything :-)
    
    Greg
    
    On 2017-06-08, 6:09 PM, "John-Mark Gurney" <jmg@newcontext.com> wrote:
    
        Back, Greg wrote this message on Tue, Jun 06, 2017 at 03:28 +0000:
        > Was it because JSON don’t have a separate integer type, so those are the max/min integers that can be represented precisely in IEEE 754?
        
        This is likely that case, but it's confusing to talk about a 64-bit
        value, but then define the range of a 64-bit value as a 54-bit value.
        If this is the case, we should change the wording, as it stands, the
        wording is very confusing.  Better to say that all integers must be
        represented as a signed 54-bit value.  And then add text about why,
        and that a 64-bit value for intermediate is fine, but that still means
        you need to add range checking before/after..
        
        > From: <cti-stix@lists.oasis-open.org> on behalf of John-Mark Gurney <jmg@newcontext.com>
        > Date: Monday, June 5, 2017 at 7:38 PM
        > To: Ivan Kirillov <ikirillov@mitre.org>, "Jordan, Bret" <bret.jordan@bluecoat.com>, "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org>, Sarah Kelley <sarah.kelley@cisecurity.org>
        > Subject: [cti-stix] Typo in range of integers
        > 
        > In Part 1 of STIX, Section 2.6, there is the text:
        > Unless otherwise specified, all integers MUST be capable of being represented as a signed 64-bit value ([-(2**53)+1, (2**53)-1]).
        > 
        > It looks like 53 was used instead of 63.  Or was this changed for some reason?  A signed 64-bit has a larger range that specified here.
        
        -- 
        John-Mark

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]