[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Inconsistencies/typos in the specs
|
One more thing in Part 4: ·
In the “Basic Stream Socket” socket-ext example: is_listening should be a boolean, not a string. From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org]
On Behalf Of Piazza, Rich Some things to clean up on the next editing pass… ·
Part 2:
o
Attack pattern example: external_reference should have an external_id property
o
Too nit-picky? The create time of the malware in the coa example is after the create time of the relationship that refers to it
o
Same example: the malware object has a “relationship_type” property, not a “name” property
o
2016-01-201T17:00:00Z
in the report example has a 3 digit day
o
Probably too late to fix, but the threat-actor example is pretty skimpy ·
Part 4
o
home_dir in unix-account-ext isn't a ref to a directory object, but just a string
o
the x509 extension is named inconsistently: most other extensions are "foo_ext", this one is 'x509-v3-extensions-type'
o
In the x509-certificate properties table, there is no entry for extension, even though it has one.
o
Timestamp in pe-binary-file needs a trailing Z
o
Windows-service-ext example should have service_name, not display_name
o
In the x509 example, validity_not_before and validity_not_after are after subject – but that is not the order in the table. No big deal – but examples usually follow the order in the table. Same
for the |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]