[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] Time Ranges
I like the original names as they provide a level of semantic clarity that is not provided by time1, time2….etc without having to read a spec on what is the definition of time1, time2. From an object model in a database/product vendors can normalize the names to time1, time2 if they wish. But this protocol is a data exchange and clarity is better with the explicit names. Allan Thomson CTO (+1-408-331-6646) From: "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> on behalf of Bret Jordan <Bret_Jordan@symantec.com> Relationship Object start_time stop_time Indicator Object valid_from valid_until Campaign, Intrusion Set, Malware first_seen last_seen Malware Analysis Type start_time end_time Observed Data first_observed last_observed Bret |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]