OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [EXT] [cti] Motion for STIX Identifiers

Thanks for the idea Pat, but this does not solve any of the problems that we have and are trying to address.  This would actually make things worse. 


From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Patrick Maroney <pmaroney@darklight.ai>
Sent: Thursday, April 11, 2019 1:20:51 PM
To: cti@lists.oasis-open.org
Subject: [EXT] [cti] Motion for STIX Identifiers

I make the following motion to the Chairs of the OASIS CTI TC.




  • Change the existing language of the 2.0 CSD for Identifier
  • Remove the UUIDv4 restriction.  


Type Name: identifier


An identifier universally and uniquely identifies a SDO, SRO, Bundle, or Marking Definition. Identifiers MUST follow the form object-type--UUID, where object-type is the exact value (all type names are lowercase strings, by definition) from the type property of the object being identified or referenced and where the UUID is an RFC 4122-compliant UUID. The UUID MUST be generated according to the algorithm(s) defined in RFC 4122, [RFC4122].


Please note the following assertions:


  • The only requirement for the UUID portion of a STIX Identifier is uniqueness.
  • Any RFC 4122 compliant ID form meets this requirement  (Including UUIDv1).
  • RFC 4122 addresses the requirements for how compliant UUIDs are generated.



Patrick Maroney


Email:  patrick.maroney@darklight.ai



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]