Given the explicit inclusion of licensing in the data structures of SBoM I think that SHOULD would be too strong in the case that MUD is extended to SBoMs. Both SPDX and CyCloneDX are integrating licensing in a more nuanced and consistent manner.
SHOULD would create a conflict with the extension unless there is an alternative in the SBoM extension data. On Thu, May 27, 2021 at 6:04 AM Eliot Lear <[email protected]> wrote: > [CC netmod] > > Hi everyone, > > Based on Carsten's concerns about licensing of MUD files we wrote a very > short extension to RFC 8520 to allow statements to be added. I note it > misses an Updates: header, but we should probably add that so people > know they SHOULD use this extension. > > The extension is written as a grouping that is then 'used' to augment a > 'mud' container. The intent here is that if you find the need to use > the extension for other purposes, you can. I wonder if some yang > doctors would like to take a look. We'd like to move on this one quickly. > > Eliot > > > _______________________________________________ > OPSAWG mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsawg >
_______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
