[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: STIX 2.0 specification - comment about 4.2 Custom Top Level Objects
Hi All, We did a quick review of 4.2 Custom Top Level Objects and especially with the idea to implement a MISP custom TLO. We saw some small inconsistencies in the section. In 4.2.1 in the required common property is "revision" but the example in 4.2.2 there is no property "revision" but a "version" property. In this scope, what is the exact meaning of the version? is this the format version of the custom TLO? If this is "version" like defined in 6.1 TLO common properties, the example is fine but "revision" should be "replaced"in 4.2.1. In 4.2.1 type field SHOULD start with an "x_" to avoid any collision with future version of STIX but it could be better to have a MUST if there is no registered name for custom object and ensuring a public repository (IANA-like) for the custom object name. I'm not sure if there is a structure within OASIS to keep track of assignment within a specific standard. Are all TLO common properties applicable to custom TLO? If yes, it might be useful to state it in the document. I hope this helps. Thank you very much. -- Alexandre Dulaunoy CIRCL - Computer Incident Response Center Luxembourg 41, avenue de la gare L-1611 Luxembourg info@circl.lu - www.circl.lu
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]