This is an XML Schema for defining names in the Common Platform Enumeration, a naming system for IT platforms. Each CPE name has the following URI format: cpe:/ [ hardware-part ] [ / [ os-part ] [ / application-part ] ] Each part consists of zero or more name elements separated by semicolons. Generally, in a description listing like this, at most one name element will comprise each part. Each name element consists of one or more name components separated by colons. The first name component of each name element is a supplier or vendor name, expressed as the organization-specific label from the supplier's DNS name (e.g. from "microsoft.com" use "microsoft"). This specification was written by Neal Ziring, with assistance from Andrew Buttner, and ideas from Todd Wittbold and other attendees at the 2nd Annual NIST Security Automation Workshop. For more information, consult the CPE specification document. 1.0 This element acts as a top-level container for CPE name items. This element denotes a single name in the Common Platform Enumeration. It has the following parts: - name, a URI, which must be a unique key, and should follow the URI structure outlined in the CPE specification. - title, arbitrary friendly name - notes, optional descriptive material - references, optional external info references - check, optional reference to an OVAL test that can confirm or reject an IT system as an instance of the named platform. Type for an reference in the description of a CPE item. This would normally be used to point to extra descriptive material, or the supplier's web site, or the platform documentation. It consists of a piece of text (intended to be human-readable) and a URI (intended to be a URL, and point to a real resource). Data type for the check element, a checking system specification URI, string content, and an optional external file reference. The checking system specification should be the URI for a particular version of OVAL or a related system testing language, and the content will be an identifier of a test written in that language. The external file reference could be used to point to the file in which the content test identifier is defined.