[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Changes to the Common Object Repository (COR)
Hi All, With the introduction of the new OASIS-OPEN repo for python-stix2 extensions (https://github.com/oasis-open/cti-python-stix2-extensions), a discussion of naming subdirectories
was needed. It is proposed that this naming convention should be followed: <STIX object type name>-<extension definition id's UUID first three letters>. For multiple extension definitions which are related, use the "root" STIX object type name. (e.g., the “Incident” extension also defines Task, Event and Impact) therefore the directory name is:
incident-ef7 Because new marking-definitions are someone unique, we propose that the marking definition name be included in the directory name. acs-marking-definition-3a6 Once the final extension policy is approved, there could be multiple extensions based on the same existing STIX object, or new concept. Adding the first three letters of the UUID deals with name collisions. It is proposed that the COR would use similar names (see
https://github.com/oasis-open/cti-stix-common-objects/tree/main/extension-definition-specifications). This is to reduce confusion between the two repositories. Unfortunately, we “jumped the gun” and made these changes before they were discussed with the TC. If there are any objections to this naming convention, we will revert to the old names. Additionally, if you have a preferred naming convention, please suggest it. This is a list of the extensions, with their old and new directory names: Old
New acs-data-markings acs-marking-definition-3a6 malware-artifact artifact-805 identity-contact-information identity-66e incident-core incident-ef7 malware-behavior malware-behavior-8e9 stix-1x and tlp-2.0 have not been renamed. You may notice some additional extensions, which will be discussed at a future working call. Extension-definition objects in
https://github.com/oasis-open/cti-stix-common-objects/tree/main/objects/extension-definition have been updating to conform with this change. All the best, Rich -- Rich Piazza Lead Cyber Security Engineer The MITRE Corporation –––––––––––––––––––––––––––––––––––– MITRE - Solving Problems for a Safer World™ |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]