[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: ID Contributing Properties
Iâm attempting to derive ârealâ deterministic ids for the examples in the spec. Right now the SCO are expressed as âstand-insâ that look like âtype--00000000-0000-0000-0000-000000000000â. Iâm writing a script that will generate the ids â but I have encountered some text in the spec which seems ambiguous. They concern SCOs where a hash is one of the id contributing properties: Here are the three uses: For Artifact: hashes,
payload_bin Where
1.
if
hashes exists only include 1 hash from this common ordered list (based on the following order of preference)
[ md5, sha1, sha256, sha512 ]
2.
if no hashes are defined and
payload_bin exists include only the
payload_bin For File: hashes,
name,
extensions Where
1.
if
hashes exists include 1 hash from this ordered list [ md5, sha1, sha256, sha512 ] only
2.
If no hashes
a.
Include defined
extensions
b.
Include defined
name
For X509 Certificates:
hashes,
serial_number
Where
1.
if
hashes exists include 1 hash from this ordered list [ md5, sha1, sha256, sha512 ] only
2.
Include serial_number The way I read this, Artifact and File only include other properties if there are no hashes available, but X509 Certificates always includes serial_number. If that is the case, then I would probably want to clean up the text â but Iâm not sure that this is what was intended. Can someone more explicitly describe the use of the contributing properties for these three types? Rich -- Rich Piazza The MITRE Corporation 781-271-3760 |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]