cti message

Subject: Problems with hashes property on external references


As you may remember we added the hashes property in the days leading up to the final CSD of STIX 2.0. This was done at the request of a TC member. However, we never really worked through it or did any implementation work. After 2.0 shipped and at the SL Face2Face I brought up one issue with the hashes property that made it difficult or impossible to implement. While we did not fully address that issue, we did try to minimize its impact.

Now there is another issue. When generating the content to be hashed, what is supposed to be included? Just the HTML content from the page? What about any HTTP headers? What happens when that content goes through a proxy and headers are changed or URLs are defanged? What happens when the content is delivered to one user via HTTP and another user via some other means? There is no guidance in the document or any information about how to actually do this in an interoperable way.

My suggestion is that we just drop / remove this property from external references until such a time that we can actually flesh it out and make sure it is going to work.
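
An added illustration of the ambiguity raised in the message above (not part of the original message and not taken from the STIX specification): one constructed HTTP response produces a different SHA-256 digest under each reading of "the content to be hashed". The header values, the proxy's `Via` header and the defanging rule are assumptions chosen for the example.

```python
import hashlib

# Constructed sample: one HTTP response as the origin server might send it.
HEADERS = [("Content-Type", "text/html"), ("Server", "origin/1.0")]
BODY = b'<html><body><a href="http://example.com/report">report</a></body></html>'


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def serialize(headers, body: bytes) -> bytes:
    """Headers plus body, as a producer hashing the full response might do."""
    head = "".join(f"{k}: {v}\r\n" for k, v in headers).encode()
    return head + b"\r\n" + body


def via_proxy(headers):
    """Assumed proxy behaviour: append a Via header, leave the body alone."""
    return headers + [("Via", "1.1 proxy.example")]


def defang(body: bytes) -> bytes:
    """Assumed defanging rule: http -> hxxp and '.' in the host -> '[.]'."""
    return body.replace(b"http://example.com", b"hxxp://example[.]com")


def candidate_hashes() -> dict:
    """Each plausible interpretation of 'hash the referenced content'."""
    return {
        "body_only": sha256(BODY),
        "headers_and_body": sha256(serialize(HEADERS, BODY)),
        "headers_and_body_via_proxy": sha256(serialize(via_proxy(HEADERS), BODY)),
        "body_defanged": sha256(defang(BODY)),
    }


def consumer_can_verify(published: str, received_body: bytes) -> bool:
    """A consumer that assumes the published hash covers only the body."""
    return sha256(received_body) == published


if __name__ == "__main__":
    for name, digest in candidate_hashes().items():
        print(f"{name:28} {digest}")
```

Verification only succeeds when producer and consumer happen to pick the same interpretation and receive byte-identical content.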

