OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

openc2-lang message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Property Tables and Extensability.

Language Subcommittee,

Last week during our weekly meeting I challenged 3 changes to the language document. Admittedly I was trying to wrap my mind around the new format and may have been too hasty in my challenges. I made the wrong assumption that we would have a discussion about the challenges later on during the meeting that would clear up my position. In the last few days I have talked at length with several people in the subcommittee and have come to the following conclusions.

Primarily, I challenged both hashes and reputation in the property table for the "file" target. This challenge was mostly based on the fact that I no longer thought my use case supported this scenario, not the fact that these properties were/are still valid. Upon further reflection I realize that challenging these did not create the affect I wanted, which was to discuss a diffrent type of target. With that being said I would like to resend my challenges on both of these properties for the "file" target property table. 

Secondly, as for the extensibility challenge. Again my challenge here was in order to have a conversation about the structure of the language. Depending on the structure the language can be extended slightly differently. After speaking with sfractal I realize that these two things are slightly diffrent issues. My main issue with the current extensibility model is that I want to know when and possibly where my namespace is being extended from. I am working with Dave Kemp in order to create something, logically not structurally, we can both live with.

As an aside I would still like to revisit this structure conversation because It is my contention that the draft language spec has language in it which is beneficial in the organization of the OpenC2 message which current use cases seem to be ignoring. Then again it could also be that I am reading it incorrectly if so please point me in the right direction.

Sorry if these challenges caused issues, hopefully this explanation helps clear up some of what I was thinking at the time.

Again, just for clarity please remove my two challenges related to "file" property table (hash, reputation)

V/R


--

Danny Martinez

Cybersecurity Engineer

G2, Inc.

302 Sentinel Drive, Suite 300

Annapolis Junction, MD 20701

Mobile: 407-257-0031

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]