spdx
Clause 6.5.3 example: unclear how to calculate UUID for DocumentNamespace
SPDX 2.2.1 section 6.5 defines the document name space field as http://[CreatorWebsite]/[pathToSpdx]/DocumentName]-[UUID]. If I try to reproduce the UUID in example 6.5.3 using a version 5 UUID from I get to different UUIDs.
Question 1: the example is incomplete - is this deliberate? In addition, it is not clear if it is a version 4 or version 5 UUID. I assume version 4 because none of the version 5 UIDs come close.
Question 2: a version 5 UUID expects a namespace to be defined. Which namespace should be used? My assumption is that it should be nsURL for URLs and that the payload is "http://[CreatorWebsite]/[pathToSpdx]/DocumentName]". Or is it including the final dash so "http://[CreatorWebsite]/[pathToSpdx]/DocumentName]-"?
@kwijbrans-philips I don't think there was any intent to create an incomplete example. It was done some time ago, but it should be consistent and complete.
Thanks for bringing these issue to light. Since the example was a best practice and not a requirement, it probably didn't get as much review.
Based on your question 2, I don't think this was clarified or described previously. From what I can see, either approach will meet the requirements for the document name space.
Did you want to propose a clarification as a pull request? Although we are just about done with the 2.3 version, there may be time to get the clarification in if we can get a couple reviews in addition to the PR.
Yes, will look into this this week.
From: goneall @.> Sent: maandag 20 juni 2022 19:30 To: spdx/spdx-spec @.> Cc: Wijbrans, Klaas @.>; Mention @.> Subject: Re: [spdx/spdx-spec] Clause 6.5.3 example: unclear how to calculate UUID for DocumentNamespace (Issue #725) Importance: Low
Caution: This e-mail originated from outside of Philips, be careful for phishing.
@kwijbrans-philipshttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fkwijbrans-philips&data=05%7C01%7C%7Cc04c2dc901074c9da3a808da52e287c9%7C1a407a2d76754d178692b3ac285306e4%7C0%7C0%7C637913430160324752%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=MzJrc5F6%2Brb1HuB7yVzVZqhRmQx3UAto3fjK11ZGKiQ%3D&reserved=0 I don't think there was any intent to create an incomplete example. It was done some time ago, but it should be consistent and complete.
Thanks for bringing these issue to light. Since the example was a best practice and not a requirement, it probably didn't get as much review.
Based on your question 2, I don't think this was clarified or described previously. From what I can see, either approach will meet the requirements for the document name space.
Did you want to propose a clarification as a pull request? Although we are just about done with the 2.3 version, there may be time to get the clarification in if we can get a couple reviews in addition to the PR.
Reply to this email directly, view it on GitHubhttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fspdx%2Fspdx-spec%2Fissues%2F725%23issuecomment-1160693129&data=05%7C01%7C%7Cc04c2dc901074c9da3a808da52e287c9%7C1a407a2d76754d178692b3ac285306e4%7C0%7C0%7C637913430160480990%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=snb9cBAXLz74jAx3OPt1pud5kpKAFYU0CwvvcNKF%2FqI%3D&reserved=0, or unsubscribehttps://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAVERG4QFTL3JIDI6JFZENCLVQCTCFANCNFSM5ZI4RS5A&data=05%7C01%7C%7Cc04c2dc901074c9da3a808da52e287c9%7C1a407a2d76754d178692b3ac285306e4%7C0%7C0%7C637913430160480990%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=oh5JgBBWDlhEydsEAAmJM7PMidMM2LuRLEe6cfyJI6s%3D&reserved=0. You are receiving this because you were mentioned.Message ID: @.@.>>
The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.
Perhaps I should open this as a separate issue, but I thought I would add a suggestion made by @coderpatros that we use URN's instead of URL's in our example URI's. From reviewing the W3C recommendations, this looks like a very good suggestion.
I'll definitely bring this up for version 3.0, but since we're looking and clarifying the recommended URI in the 2.X spec, I thought I would mention this suggestion here as well.
I would also like to add that there isn't necessarily a 'right' or 'wrong' way to produce document namespaces - extra guidance is always good of course :smiley:
This has been removed in the 3.0 spec - so I'm going to go ahead and close this issue since we don't have any volunteers to implement a PR