From 37632bac869767def7cde9442c32af60fff15494 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Tue, 27 Aug 2019 12:22:22 -0400 Subject: [PATCH 1/4] fixed CDDL duplicate value: supplemental --- concise-swid-tag.cddl | 2 +- draft-ietf-sacm-coswid.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/concise-swid-tag.cddl b/concise-swid-tag.cddl index 1e1a68e..6b37eca 100644 --- a/concise-swid-tag.cddl +++ b/concise-swid-tag.cddl @@ -83,7 +83,7 @@ $rel /= patches $rel /= requires $rel /= see-also $rel /= supersedes -$rel /= supplemental +$rel /= supplements $rel /= uint / text $use /= optional diff --git a/draft-ietf-sacm-coswid.md b/draft-ietf-sacm-coswid.md index ba1e2c1..85e1e38 100644 --- a/draft-ietf-sacm-coswid.md +++ b/draft-ietf-sacm-coswid.md @@ -567,7 +567,7 @@ $rel /= patches $rel /= requires $rel /= see-also $rel /= supersedes -$rel /= supplemental +$rel /= supplements $rel /= uint / text ancestor=1 component=2 @@ -983,7 +983,7 @@ The following table indicates the index value to use for the link-entry group's | 8 | requires | The link references a prerequisite for installing this software. A patch SWID/CoSWID tag (see {{intro-lifecycle}}) can use this to represent base software or another patch that needs to be installed first. | 9 | see-also | The link references other software that may be of interest that relates to this software. | 10 | supersedes | The link references another software that this software replaces. A patch SWID/CoSWID tag (see {{intro-lifecycle}}) can use this to represent another patch that this patch incorporates or replaces. -| 11 | supplemental | The link references a SWID/CoSWID tag that this tag supplements. Used on supplemental SWID/CoSWID tags (see {{intro-lifecycle}}). +| 11 | supplements | The link references a SWID/CoSWID tag that this tag supplements. Used on supplemental SWID/CoSWID tags (see {{intro-lifecycle}}). {: #tbl-indexed-link-rel-values title="Link Relationship Values"} The values above are registered in the IANA "SWID/CoSWID Link Relationship Value" registry defined in section {{iana-link-rel}}. Additional values will likely be registered over time. Additionally, the index values 32768 through 65535 and the name prefix "x_" have been reserved for private use. @@ -1272,7 +1272,7 @@ defined in {{SWID}}. | 8 | requires | See {{indexed-link-rel}} | 9 | see-also | See {{indexed-link-rel}} | 10 | supersedes | See {{indexed-link-rel}} -| 11 | supplemental | See {{indexed-link-rel}} +| 11 | supplements | See {{indexed-link-rel}} | 12-65535 | Unassigned | {: #tbl-iana-link-rel-values title="CoSWID Link Relationship Inital Registrations"} From 33148f08455a0dec481af639d1da43332f646b03 Mon Sep 17 00:00:00 2001 From: david-waltermire-nist Date: Fri, 4 Oct 2019 12:20:41 -0400 Subject: [PATCH 2/4] fixed change that would break compatibility with ISO SWID. --- concise-swid-tag.cddl | 2 +- draft-ietf-sacm-coswid.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/concise-swid-tag.cddl b/concise-swid-tag.cddl index 6b37eca..1e1a68e 100644 --- a/concise-swid-tag.cddl +++ b/concise-swid-tag.cddl @@ -83,7 +83,7 @@ $rel /= patches $rel /= requires $rel /= see-also $rel /= supersedes -$rel /= supplements +$rel /= supplemental $rel /= uint / text $use /= optional diff --git a/draft-ietf-sacm-coswid.md b/draft-ietf-sacm-coswid.md index 85e1e38..ba1e2c1 100644 --- a/draft-ietf-sacm-coswid.md +++ b/draft-ietf-sacm-coswid.md @@ -567,7 +567,7 @@ $rel /= patches $rel /= requires $rel /= see-also $rel /= supersedes -$rel /= supplements +$rel /= supplemental $rel /= uint / text ancestor=1 component=2 @@ -983,7 +983,7 @@ The following table indicates the index value to use for the link-entry group's | 8 | requires | The link references a prerequisite for installing this software. A patch SWID/CoSWID tag (see {{intro-lifecycle}}) can use this to represent base software or another patch that needs to be installed first. | 9 | see-also | The link references other software that may be of interest that relates to this software. | 10 | supersedes | The link references another software that this software replaces. A patch SWID/CoSWID tag (see {{intro-lifecycle}}) can use this to represent another patch that this patch incorporates or replaces. -| 11 | supplements | The link references a SWID/CoSWID tag that this tag supplements. Used on supplemental SWID/CoSWID tags (see {{intro-lifecycle}}). +| 11 | supplemental | The link references a SWID/CoSWID tag that this tag supplements. Used on supplemental SWID/CoSWID tags (see {{intro-lifecycle}}). {: #tbl-indexed-link-rel-values title="Link Relationship Values"} The values above are registered in the IANA "SWID/CoSWID Link Relationship Value" registry defined in section {{iana-link-rel}}. Additional values will likely be registered over time. Additionally, the index values 32768 through 65535 and the name prefix "x_" have been reserved for private use. @@ -1272,7 +1272,7 @@ defined in {{SWID}}. | 8 | requires | See {{indexed-link-rel}} | 9 | see-also | See {{indexed-link-rel}} | 10 | supersedes | See {{indexed-link-rel}} -| 11 | supplements | See {{indexed-link-rel}} +| 11 | supplemental | See {{indexed-link-rel}} | 12-65535 | Unassigned | {: #tbl-iana-link-rel-values title="CoSWID Link Relationship Inital Registrations"} From 4ec051f2d15cbcf908326a6450b0998fff305e9c Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Sun, 17 Nov 2019 15:36:02 +0800 Subject: [PATCH 3/4] Addressed comments from Kathleen Moriarty --- concise-swid-tag.cddl | 1 + 1 file changed, 1 insertion(+) diff --git a/concise-swid-tag.cddl b/concise-swid-tag.cddl index 1e1a68e..7dada68 100644 --- a/concise-swid-tag.cddl +++ b/concise-swid-tag.cddl @@ -260,6 +260,7 @@ patches=7 requires=8 see-also=9 supersedes=10 +; supplemental=11 ; this is already defined earlier ; "use" integer indexes optional=1 From fc9f48d315689470435fc7f9ef317e996cabbff5 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Fri, 1 May 2020 10:49:18 -0400 Subject: [PATCH 4/4] fixed a small typo and added maintainer entity role based on WG discussion --- concise-swid-tag.cddl | 2 ++ draft-ietf-sacm-coswid.md | 8 ++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/concise-swid-tag.cddl b/concise-swid-tag.cddl index 7dada68..100a576 100644 --- a/concise-swid-tag.cddl +++ b/concise-swid-tag.cddl @@ -54,6 +54,7 @@ $role /= software-creator $role /= aggregator $role /= distributor $role /= licensor +$role /= maintainer $role /= uint / text link-entry = { @@ -243,6 +244,7 @@ software-creator=2 aggregator=3 distributor=4 licensor=5 +maintainer=6 ; "ownership" integer indexes shared=1 diff --git a/draft-ietf-sacm-coswid.md b/draft-ietf-sacm-coswid.md index ba1e2c1..e6f4cc4 100644 --- a/draft-ietf-sacm-coswid.md +++ b/draft-ietf-sacm-coswid.md @@ -492,12 +492,14 @@ $role /= software-creator $role /= aggregator $role /= distributor $role /= licensor +$role /= maintainer $role /= uint / text tag-creator=1 software-creator=2 aggregator=3 distributor=4 licensor=5 +maintainer=6 ~~~ The following describes each child item of this group. @@ -948,6 +950,7 @@ The following table indicates the index value to use for the entity-entry group' | 3 | aggregator | From {{SWID}}, "An organization or system that encapsulates software from their own and/or other organizations into a different distribution process (as in the case of virtualization), or as a completed system to accomplish a specific task (as in the case of a value added reseller)." | 4 | distributor | From {{SWID}}, "An entity that furthers the marketing, selling and/or distribution of software from the original place of manufacture to the ultimate user without modifying the software, its packaging or its labelling." | 5 | licensor | From {{SAM}} as "software licensor", a "person or organization who owns or holds the rights to issue a software license for a specific software \[component\]" +| 6 | maintainer | The person or organization that is responsible for coordinating and making updates to the source code for the software component. This SHOULD be used when the "maintainer" is a different person or organization than the original "softwareCreator". {: #tbl-indexed-entity-role-values title="Entity Role Values"} The values above are registered in the IANA "SWID/CoSWID Entity Role Value" registry defined in section {{iana-entity-role}}. Additional values will likely be registered over time. Additionally, the index values 128 through 255 and the name prefix "x_" have been reserved for private use. @@ -959,7 +962,7 @@ The following table indicates the index value to use for the link-entry group's | Index | Ownership Type | Definition | |--- -| 1 | abandon | If the software component referenced by the CoSWID tag is uninstalled, then the referenced software SHOULD not be uninstalled +| 1 | abandon | If the software component referenced by the CoSWID tag is uninstalled, then the referenced software SHOULD NOT be uninstalled | 2 | private | If the software component referenced by the CoSWID tag is uninstalled, then the referenced software SHOULD be uninstalled as well. | 3 | shared | If the software component referenced by the CoSWID tag is uninstalled, then the referenced software SHOULD be uninstalled if no other components sharing the software. {: #tbl-indexed-link-ownership-values title="Link Ownership Values"} @@ -1197,7 +1200,8 @@ defined in {{SWID}}. | 3 | aggregator | See {{indexed-entity-role}} | 4 | distributor | See {{indexed-entity-role}} | 5 | licensor | See {{indexed-entity-role}} -| 6-255 | Unassigned | +| 6 | maintainer | See {{indexed-entity-role}} +| 7-255 | Unassigned | {: #tbl-iana-entity-role-values title="CoSWID Entity Role Inital Registrations"} Registrations MUST conform to the expert review guidlines defined in {{iana-review-guidelines}}.