Among ourselves we agreed that versioning should be within the MVP for 2.0.
The ability to reference a specific version means that their should be some mechanism to explicitly state which version someone wants to represent.
We didn't explicitly cover the specific areas from which one would be able to reference a specific version. Going on the fly(others please correct me if you disagree): #1"You must be able to determine an object’s version" so I would say, you should be able
to specify a version anywhere you can specify an object.
Hi all... Thanks for the efforts!
Questions:
- Was there any discussion on if versioning is required for STIX 2.0 (MVP)?
- Can you expand on this " You should be able to reference a specific version" . What is the definition of "reference" in this context - from where should I be able to reference a specific version? In a TAXII query? In a relationship?
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
<graycol.gif>---03/18/2016
08:00:47 PM---Hi All, Some of the members from the versioning mini group meet today to discuss versioning:
From: <Marlon.Taylor@us-cert.gov>
To: <cti@lists.oasis-open.org>
Date: 03/18/2016 08:00 PM
Subject: [cti] Versioning Mini Group discussion
Sent by: <cti@lists.oasis-open.org>
Hi All,
Some of the members from the versioning mini group meet today to discuss versioning:
@John-Mark, @Terry, @Sean, and @myself
Due the recent divergences on the topic of versioning, we focused on what ‘versioning’ means to us. Through our discussion we agreed upon some core principles for versioning and some derived features from those principles.
Core Principles
1. You must be able to determine an object’s version
2. Versions are immutable
3. You must be able to determine ordinality among versions
Features:
a. You should be able to reference the latest version
b. You should be able to reference the a specific version
Through these core principles we were able to define these terms going forward:
· Version – (Core #1) should be determined by some combination of an object’s properties
· Update – (Core #2) any modification of the properties used to determine version yields a new version
Using these principles we were able to address revocation as an update to a revoked object/version.
Overall it was a productive meeting and where among ourselves we have agreed on core principles for versioning.
That being said there are still open questions that need to be addressed.
-Marlon