OASIS Cyber Threat Intelligence (CTI) TC


Re: [cti] Re: [EXT] Re: [cti] [EXT] [cti] Location as a Top-Level SDO


    Posted 06-12-2017 15:55




    I’m not sure I agree with that.
     
    A library of locations could be used (as an advantage) for either case to ensure commonality and consistency regardless.
     
    In one case it would be referenced.

     
    In another it would be copied. But the value of having a ‘library’ of location to represent common constructs of location is valuable whether referenced or copied.
     
    Allan
     

    From:
    "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> on behalf of Bret Jordan <Bret_Jordan@symantec.com>
    Date: Monday, June 12, 2017 at 7:54 AM
    To: Nicholas Hayden <nhayden@anomali.com>
    Cc: Jason Keirstead <Jason.Keirstead@ca.ibm.com>, John-Mark Gurney <jmg@newcontext.com>, "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>, "Back, Greg" <gback@mitre.org>, "Nathan S. Reller" <Nathan.Reller@jhuapl.edu>
    Subject: [cti] Re: [EXT] Re: [cti] [EXT] [cti] Location as a Top-Level SDO


     


    Yes, if we do an embedded version, which it sounds like is the current trend, then we would not need a library.
     
    Bret





    From: Nicholas Hayden <nhayden@anomali.com>
    Sent: Monday, June 12, 2017 8:12:54 AM
    To: Bret Jordan
    Cc: Jason Keirstead; John-Mark Gurney; CTI OASIS GROUP; Back, Greg; Nathan S. Reller
    Subject: [EXT] Re: [cti] [EXT] [cti] Location as a Top-Level SDO


     




    At this point, why make it an SDO? Why not just:


     


    3. No Location SDO and embed information in objects, and make it an "Optional" field


     


    Since we’re creating a library, what purpose is there to create a standalone Object?


     

     


    Best Regards, 
    Nicholas Hayden, CISSP, GICSP, CNDA, CEH, Sec+ 


    Director of Engineering Anomali   anomali.com


    808 Winslow St Redwood City, CA 94063


    Phone: (650) 257-0867 Twitter: @anomali





     



    On Jun 11, 2017, at 11:58 PM, Bret Jordan < Bret_Jordan@symantec.com > wrote:

     



    So if we were going to do this, we would probably need to build a library of locations by country and regions and publish them as a Committee Note and hope people just use them for locations at the granularity of a country or group of countries.


     


    Bret






    From:   cti@lists.oasis-open.org   < cti@lists.oasis-open.org >
    on behalf of Jason Keirstead < Jason.Keirstead@ca.ibm.com >
    Sent:   Sunday, June 11, 2017 7:35:18 PM
    To:   jmg@newcontext.com
    Cc:   Bret Jordan;   cti@lists.oasis-open.org ;   gback@mitre.org ;   Nathan.Reller@jhuapl.edu
    Subject:   Re: [cti] Re: [EXT] [cti] Location as a Top-Level SDO


     





    You are assuming that we don't create a repository of "standard" location SDOs for things like continent and country names - i.e. the things that people would want to share in the first place. Which, I don't see why we would not do this, seeing how we're doing it for things like CAPEC.


     


    -
    Jason Keirstead
    STSM, Product Architect, Security Intelligence, IBM Security Systems
    www.ibm.com/security

    Without data, all you are is just another person with an opinion - Unknown