OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

was message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [was] The ID generation issue

Peter Michalek wrote:
>>   Well, I'd really like to see the parts be independent from each
>>   other. Otherwise I don't see who will adopt them as standard.
>>   Vulnerability scanner people are not interested in metadata or
>>   protect. Web application firewall people are not interested in
>>   anything but Protect. And so on...
> I think in general all "security domain" providers will be intersted in 
> the generic parts: profile and metadata.

   That's why we must seek their active participation as soon as
   we come out with a draft of some kind.

> However, we still need to provide a way to reference another instance by 
> ID - which we already do in the schema (we need to make sure this sample 
> validates, I just posted it):
> http://www.evdl.net/latest/examples/example-protect-by-ref-1.xml

   Hmm, where is the reference in this example? The ID? Or did you mean
   the other example:


   Either way, Protect (Detect & SCA too) needs a way to reference
   entries in other vulnerability databases. For example:

   <recipe ...>
       <reference publisher="bugtraq" id="133" />
       <reference publisher="cve" id="1999-0060" />
       <reference publisher="other" 
id="http://security.e-matters.de/advisories/112004.html"; />

   (I am aware of the references section in the Profile part, this is
    just an example.)

   I am struggling with myself to decide whether any of the SCA, Protect,
   and Detect parts need to include the Profile part. I can see how the
   Metadata part is needed so that's fine. But the profile part seems to
   complex. I'll give the schema a good look and we'll talk about this
   on Wednesday.

Ivan Ristic (http://www.modsecurity.org)

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]