Uploaded image for project: 'Technical Advisory Board'
  1. Technical Advisory Board
  2. TAB-1515

3.3 - 3.4.2 Deeply confusing - Part 1

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: STIX Version 2.0 CSPRD01
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:

      Style

    • Proposal:
      Hide

      Here is a sketch that won't capture every requirement but if fleshed out, would give your readers a chance at following the differences between creators and non-creators:

      3.2 IDs

      The id property identifies an SDO, SRO, Bundle, or Marking Definition object. The value of an id property MUST meet the requirements defined in 2.4 Identifier.

      Ids are generated by the creator of an object. The creator of an object is identified by the value of a created_by_ref property.

      3.3 Modifying/Updating Objects

      3.3.1 Introduction

      Objects can be modified by their creators by revision (3.3.2 Revisions) or by non-creators by creating new objects (3.3.3 New Objects).

      3.3.2 Revisions

      Creators of an object create new versions of that object to update, add, or remove information. The modified property is updated to reflect the time of modification.

      Note: Revocation is considered an "update" and the modified property is updated to reflect the time of revocation.

      Where multiple revisions of an object are present, the revision with the most recent timestamp is the current state of the object. (comment: I'm hedging on "most recent version." You probably need a note on the natural order of timestamps.)

      3.3.3 New Object

      Non-creators can modify any object by creating a new object, with a new ID property and incorporating some, all or changing the properties of the modified object.

      The derived-from Relationship object establishes a relationship between the new object and its original.

      (comment: Do you want to require that derived-from property?)

      3.3 Revocations

      Objects can be revoked, that is, be no longer considered valid by their creator.

      A value of true in the revoked property of an object indicates the object and all prior versions have been revoked.

      Revocation is permanent.

      (who revokes anonymous objects?)

      3.4 References

      The value of an ID functions as a reference when used with ID references, such as the created_by_ref.

      Resolving an ID reference is the process of identifying and obtaining the object referred to by the ID reference property.

      (You need to consider what you mean by "exact match" in a Unicode context. Better to pick a string equivalence test)

      Where versions of an object exist, a reference is resolved to the latest version.

      (Can you say a bit more about: "ID references MAY refer to objects to which the consumer/producer may not currently have." Is this a MAY or simply an observation? At least in part one I haven't seen any requirement for what must be transmitted.)

      Drop 3.4.1 and 3.4.2. I don't think you are gaining anything from them.

      Each paragraph attempts to convey one idea, separate from the others in a logical progression.

      Show
      Here is a sketch that won't capture every requirement but if fleshed out, would give your readers a chance at following the differences between creators and non-creators: 3.2 IDs The id property identifies an SDO, SRO, Bundle, or Marking Definition object. The value of an id property MUST meet the requirements defined in 2.4 Identifier. Ids are generated by the creator of an object. The creator of an object is identified by the value of a created_by_ref property. 3.3 Modifying/Updating Objects 3.3.1 Introduction Objects can be modified by their creators by revision (3.3.2 Revisions) or by non-creators by creating new objects (3.3.3 New Objects). 3.3.2 Revisions Creators of an object create new versions of that object to update, add, or remove information. The modified property is updated to reflect the time of modification. Note: Revocation is considered an "update" and the modified property is updated to reflect the time of revocation. Where multiple revisions of an object are present, the revision with the most recent timestamp is the current state of the object. (comment: I'm hedging on "most recent version." You probably need a note on the natural order of timestamps.) 3.3.3 New Object Non-creators can modify any object by creating a new object, with a new ID property and incorporating some, all or changing the properties of the modified object. The derived-from Relationship object establishes a relationship between the new object and its original. (comment: Do you want to require that derived-from property?) 3.3 Revocations Objects can be revoked, that is, be no longer considered valid by their creator. A value of true in the revoked property of an object indicates the object and all prior versions have been revoked. Revocation is permanent. (who revokes anonymous objects?) 3.4 References The value of an ID functions as a reference when used with ID references, such as the created_by_ref. Resolving an ID reference is the process of identifying and obtaining the object referred to by the ID reference property. (You need to consider what you mean by "exact match" in a Unicode context. Better to pick a string equivalence test) Where versions of an object exist, a reference is resolved to the latest version. (Can you say a bit more about: "ID references MAY refer to objects to which the consumer/producer may not currently have." Is this a MAY or simply an observation? At least in part one I haven't seen any requirement for what must be transmitted.) Drop 3.4.1 and 3.4.2. I don't think you are gaining anything from them. Each paragraph attempts to convey one idea, separate from the others in a logical progression.

      Description

      3.3 - 3.4.2 (although this appears elsewhere as well), have clauses that mix subjects, such as 3.3 Object Creator, that goes on to impose requirements on non-creators "An entity that accepts objects and republishes them with modifications, additions, or omissions MUST create a new id for the object."

      3.4 switches from describing creators and impliedly non-creators, to describe STIX objects. switching perspectives is never a useful standards technique.

      The idea that is being so poorly stated here isn't a bad one, just poorly expressed and likely to confuse readers. The admixture of MUST and MUST NOT doesn't improve this section.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              patrick Patrick Durusau
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: