On 30 Mar 2023, at 15:13, Jarek Potiuk <ja...@potiuk.com> wrote: > Yep. I would also be keen on getting some comment Philippe - what > would be a good way to represent it with PURL identifiers for the > examples Dirk gave ? I guess we could figure out on our own, reading > the docs, but since we have your attention, maybe a good idea that you > propose something :D ?
And lets not loose sight of the fact that this will be in a heavily regulated territory. So the closer we can stay in spirit or syntax to a IETF or ISO document; the better, Dw. > > On Thu, Mar 30, 2023 at 1:59 PM Gary Gregory <garydgreg...@gmail.com> wrote: >> >> Note that there are a few ways to do this, here is the sampling that >> (for example) SPDX supports: >> https://spdx.github.io/spdx-spec/v2.3/external-repository-identifiers/ >> >> Purl is in there, as is Maven, npm, and on and on. >> >> Gary >> >> On Thu, Mar 30, 2023 at 7:03 AM Dirk-Willem van Gulik >> <di...@webweaving.org> wrote: >>> >>> >>> On 30 Mar 2023, at 12:54, Philippe Ombredanne <pombreda...@nexb.com> wrote: >>> >>>> I am the "creator" of PURL and maintainer of VulnerableCode and both >>> >>> >>> Splendid. >>> >>>> I would kindly request that you consider using the PURL syntax instead >>>> of inventing a new and different scheme that will require folks to invent >>>> their own parsers. >>> >>> Could you comment on how we can best do this for our case -AND- stay with >>> the regid and similar concepts from the various IETF RFC's ? And ideally >>> stayl close to ISO/IEC 19770-2:2015. >>> >>> I.e. how we can toe both lines & work towards something that sits as high >>> as possible in the hierarchy of international standards, regional >>> standards, national standards, industry standards, defacto standards and >>> general convention. >>> >>> With kind regards, >>> >>> Dw. >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: security-discuss-unsubscr...@community.apache.org >>> For additional commands, e-mail: security-discuss-h...@community.apache.org >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: security-discuss-unsubscr...@community.apache.org >> For additional commands, e-mail: security-discuss-h...@community.apache.org >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: security-discuss-unsubscr...@community.apache.org > For additional commands, e-mail: security-discuss-h...@community.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: security-discuss-unsubscr...@community.apache.org For additional commands, e-mail: security-discuss-h...@community.apache.org
