OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

sarif message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Defining a "result management system" conformance profile

The fingerprint-related issues #122 and #126 impose normative requirements on how a result management system computes fingerprints (for example, it SHALL NOT include a non-deterministic absolute URI in its computation). Therefore we need a result management system conformance profile to say that a conformant result management system is one that satisfies those requirements.


I don’t think this is controversial, but just for tracking purposes I filed the CSD.1 issue #154, “Define a ‘result management system’ conformance profile.” I’ll include it in the same change draft as the fingerprint issues.


It’s as easy as this:


Conformance Clause 10: Result management system

A result management system satisfies the “result management system” conformance profile if:

·         It satisfies the “SARIF consumer” conformance profile.

·         It additionally satisfies the normative requirements in §3 and Appendix B (“Use of fingerprints by result management systems”) that are designated as applying to result management systems.


Appendix B will now be Normative instead of Informative because it contains the fingerprint computation requirements.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]