add deception schema extension

[benjaminxscott]

@johnwunder - look good?

• usage example here
• bindings added to py-stix here

[packet-rat]

Ben,
Intrigued (postively) by all aspects of this change. Is there any community or internal discourse available? I try to follow closely, so apologies if I missed this.

[benjaminxscott]

@packet-rat - Upcoming release - you can sign up here to be an early adopter 😺

[bworrell]

I looked a bit at this and noticed that the targetNamespace and the @vocab_reference values indicate a STIX default vocabulary, though their values should probably reflect that this is an extension. That, or just merged into the default vocab schema altogether. @johnwunder, what do you think? Also, I'm not sure how this fits into the whole release cycle business...something to think about anyway!

[bworrell]

Haha, actually you just swapped the namespace/vocab_reference values on me while I was typing that :) I think the values might still need some updating as the namespaces usually refer to the version of the schema.

[johnwunder]

This is an extension to STIX being proposed by MITRE (@bschmoker). We shouldn't merge it in to master until the community has time to weigh in and we start merging STIX 2.0/1.3/whatever issues.

At that point we may decide it's a default vocab in which case it should be moved/updated.

In the meantime you can of course use it as you would any normal extension.

[benjaminxscott]

@bworrell rebased in be9137c to add a ver number

[johnwunder]

Why don't you write it up as a Github issue against this repo and then it'll get included with everything when we transfer.

[benjaminxscott]

@johnwunder - check out the writeup