-- moto kawasaki moto@kawasaki3.org +81-90-2464-8454 From: Sebastian Wagner wagner@cert.at Subject: [IntelMQ-dev] IEP04: The choice of the UUID-format Date: Mon, 6 Sep 2021 18:59:36 +0200 > Dear allies, > > The discussion around the IEP04 proposal, adding meta-information to > IntelMQ messages, has stalled over the last months - first because of > the time-intensive IntelMQ 3.0 release preparations and then because of > the vacation season. > > Here is the current proposal: > https://github.com/certtools/ieps/tree/main/004#readme > > Aaron, Sebastian Waldbauer and myself worked on it over the summer and > also identified two open issues to be discussed: > 1. The exact format of the meta-information and how to name and > structure the fields. AIL made the first move and now uses a format > similar to the previously proposed Variant "A". The IEP04 document > contains the current proposal which is in line with the AIL format: > https://github.com/certtools/ieps/tree/main/004#user-content-variant-ail > If there are no other proposals, this will most probably the way to go. > 2. The format of the UUID format which we want to uniquely identify > IntelMQ events. We don't necessarily need to use the UUIDv4 format which > represents pure randomness, but also other options which include the > time and are even /time-sortable/. Sebastian Waldbauer analysed a couple > of options and summarised his results in this document: > > https://github.com/certtools/ieps/blob/main/004/UUID.md > > Please let us know your opinion on the different UUID options. > > cheers > Sebastian > > -- > // Sebastian Wagner wagner@cert.at - T: +43 676 898 298 7201 > // CERT Austria - https://www.cert.at/ > // Eine Initiative der nic.at GmbH - https://www.nic.at/ > // Firmenbuchnummer 172568b, LG Salzburg > >