oval_developer@lists.cisecurity.org
A list for people interested in developing the OVAL language.
View all threadsPossible issue with the schematron rule for schema_version element.
Hello,
The oval-common-schema.xsd (5.11.2) includes the following schematron rule:
“<sch:assert test="starts-with(.,$core_version_portion)"> This platform's
version (<sch:value-of select="."/>) MUST match the core version being
used: <sch:value-of select="$core_version_portion"/>.</sch:assert>”
This rule tests if the schema core version is the same as the one used in
the platform’s version. The latest core version is 5.11.2 and the version
of Windows schema is 5.11.1:1.3. The following excerpt will fail the
schematron rule because the core schema version (5.11.2) does not match the
core portion from the Windows extension platform (5.1.1.1:1.3):
<generator>
<oval:product_name>NIST Validation Content Generation Script
</oval:product_name>
oval:product_version1.0</oval:product_version>
oval:schema_version5.11.2</oval:schema_version>
<oval:schema_version platform="Windows">5.11.1:1.3
</oval:schema_version>
oval:timestamp2017-01-22T14:03:55-04:00</oval:timestamp>
</generator>
Is the schematron rule incorrect or the content listed above? Please note
that the core portion of all the extension schemas is 5.11.1.
Respectfully,
_Dragos.
...
Hi Dragos,
I can tell you that we intentionally decided to not rev the schema extension core versions unless it was deemed technically necessary (e.g., if a platform schema requires a datatype introduced in some core schema version, then we’d rev the platform schema core version). So this should probably be considered a defect in the schematron.
Best regards,
—David Solin
On Mar 20, 2017, at 11:12 AM, Dragos Prisaca dragos.prisaca@G2-INC.COM wrote:
Hello,
The oval-common-schema.xsd (5.11.2) includes the following schematron rule:
“<sch:assert test="starts-with(.,$core_version_portion)"> This platform's version (<sch:value-of select="."/>) MUST match the core version being used: sch:value-ofselect="$core_version_portion"/.</sch:assert>”
This rule tests if the schema core version is the same as the one used in the platform’s version. The latest core version is 5.11.2 and the version of Windows schema is 5.11.1:1.3. The following excerpt will fail the schematron rule because the core schema version (5.11.2) does not match the core portion from the Windows extension platform (5.1.1.1:1.3):
<generator>
oval:product_nameNIST Validation Content Generation Script</oval:product_name>
oval:product_version1.0</oval:product_version>
oval:schema_version5.11.2</oval:schema_version>
<oval:schema_version platform="Windows">5.11.1:1.3</oval:schema_version>
oval:timestamp2017-01-22T14:03:55-04:00</oval:timestamp>
</generator>
Is the schematron rule incorrect or the content listed above? Please note that the core portion of all the extension schemas is 5.11.1.
Respectfully,
_Dragos.
...
OVAL_Developer mailing list
OVAL_Developer@lists.cisecurity.org mailto:OVAL_Developer@lists.cisecurity.org
http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org
...
Thank you David. This is what I thought too, but wanted to confirm.
Thanks,
_Dragos.
From: David Solin [mailto:solin@jovalcm.com]
Sent: Monday, March 20, 2017 1:18 PM
To: Dragos Prisaca
Cc: OVAL Developer List
Subject: Re: [OVAL DEVELOPER] Possible issue with the schematron rule for
schema_version element.
Hi Dragos,
I can tell you that we intentionally decided to not rev the schema
extension core versions unless it was deemed technically necessary (e.g.,
if a platform schema requires a datatype introduced in some core schema
version, then we’d rev the platform schema core version). So this should
probably be considered a defect in the schematron.
Best regards,
—David Solin
On Mar 20, 2017, at 11:12 AM, Dragos Prisaca dragos.prisaca@G2-INC.COM
wrote:
Hello,
The oval-common-schema.xsd (5.11.2) includes the following schematron rule:
“<sch:assert test="starts-with(.,$core_version_portion)"> This platform's
version (<sch:value-of select="."/>) MUST match the core version being used:
sch:value-ofselect="$core_version_portion"/.</sch:assert>”
This rule tests if the schema core version is the same as the one used in
the platform’s version. The latest core version is 5.11.2 and the version
of Windows schema is 5.11.1:1.3. The following excerpt will fail the
schematron rule because the core schema version (5.11.2) does not match the
core portion from the Windows extension platform (5.1.1.1:1.3):
<generator>
<oval:product_name>NIST Validation Content Generation Script
</oval:product_name>
oval:product_version1.0</oval:product_version>
oval:schema_version5.11.2</oval:schema_version>
<oval:schema_version platform="Windows">5.11.1:1.3
</oval:schema_version>
oval:timestamp2017-01-22T14:03:55-04:00</oval:timestamp>
</generator>
Is the schematron rule incorrect or the content listed above? Please note
that the core portion of all the extension schemas is 5.11.1.
Respectfully,
_Dragos.
...
OVAL_Developer mailing list
OVAL_Developer@lists.cisecurity.org
http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org
...