Re: [apps-discuss] [mile] Review of draft-ietf-mile-sci-02.
"Takeshi Takahashi" <takeshi_takahashi@nict.go.jp> Tue, 03 April 2012 02:50 UTC
Return-Path: <takeshi_takahashi@nict.go.jp>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 978DE21F8769; Mon, 2 Apr 2012 19:50:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.755
X-Spam-Level:
X-Spam-Status: No, score=-0.755 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_JP=1.244, J_CHICKENPOX_111=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M5PokqkLhRpk; Mon, 2 Apr 2012 19:50:09 -0700 (PDT)
Received: from ns1.nict.go.jp (ns1.nict.go.jp [IPv6:2001:df0:232:300::1]) by ietfa.amsl.com (Postfix) with ESMTP id C20CF21F8767; Mon, 2 Apr 2012 19:50:08 -0700 (PDT)
Received: from gw1.nict.go.jp (gw1 [133.243.18.250]) by ns1.nict.go.jp with ESMTP id q332o3bx005042; Tue, 3 Apr 2012 11:50:03 +0900 (JST)
Received: from gw1.nict.go.jp (localhost [127.0.0.1]) by gw1.nict.go.jp with ESMTP id q332o3Af007310; Tue, 3 Apr 2012 11:50:03 +0900 (JST)
Received: from mail2.nict.go.jp (mail.nict.go.jp [133.243.18.3]) by gw1.nict.go.jp with ESMTP id q332o3v4007303; Tue, 3 Apr 2012 11:50:03 +0900 (JST)
Received: from mail2.nict.go.jp (localhost [127.0.0.1]) by mail2.nict.go.jp (NICT Mail) with ESMTP id 232331608B; Tue, 3 Apr 2012 11:50:03 +0900 (JST)
Received: from takeVAIO2 (unknown [133.243.119.6]) by mail2.nict.go.jp (NICT Mail) with ESMTP id 1CD3B16003; Tue, 3 Apr 2012 11:50:03 +0900 (JST)
From: Takeshi Takahashi <takeshi_takahashi@nict.go.jp>
To: 'Yves Lafon' <ylafon@w3.org>, apps-discuss@ietf.org, draft-ietf-mile-sci.all@tools.ietf.org
References: <alpine.DEB.1.10.1204020528070.21068@wnl.j3.bet>
In-Reply-To: <alpine.DEB.1.10.1204020528070.21068@wnl.j3.bet>
Date: Tue, 03 Apr 2012 11:50:02 +0900
Message-ID: <00c601cd1144$77565f90$66031eb0$@nict.go.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQGXb20xT+3R8pLmZ4LMaTVwjZ7Jb5bzqVlQ
Content-Language: ja
X-Mailman-Approved-At: Tue, 03 Apr 2012 11:19:19 -0700
Cc: mile@ietf.org
Subject: Re: [apps-discuss] [mile] Review of draft-ietf-mile-sci-02.
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Apr 2012 02:50:09 -0000
Thank you very much, Yves, for your kind review. I appreciate that very much. Let me modify the draft to handle the issues you kindly pointed out along with the other issues raised at the Paris meeting. Kind Regards, Take > -----Original Message----- > From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf Of > Yves Lafon > Sent: Monday, April 02, 2012 10:31 PM > To: apps-discuss@ietf.org; draft-ietf-mile-sci.all@tools.ietf.org > Cc: mile@ietf.org > Subject: [mile] Review of draft-ietf-mile-sci-02. > > All, > I have been selected as the Applications Area Directorate reviewer for > this draft (for background on appsdir, please see [1]). > > Document: draft-ietf-mile-sci-02 > Title: IODEF-extension to support structured cybersecurity information > Reviewer: Yves Lafon > Review Date: April 2, 2012 > > Review Summary: This draft is almost ready for publication, small > important issues needs to be addressed or clarified before publication. > > Document Summary: > The document define a 'wrapper' document to present in a common format > different cybersecurity report formats. > > Major Issues: > > There are two issues. > * In the normative reference section, there are reference to many document > where the licensing information is not clear, like [CAPEC]. It would be > good to clarify the license information of the documents linked in the > normative section. > > * The schema provided is invalid, this line needs to be fixed based on > intent: > <xsd:attribute name="dtype" type="iodef:dtype-type" > use="prohibited" value="xml"/> > > Both issues are major issues as they need being fixed, but I consider > them easy to fix. > > Minor Issue: > > In the definition of 'AttackPattern' class, the restriction in the prose > (4.3.1) is not expressed in the schema. > << > AttackPatternID: OPTIONAL. STRING. An identifier of an attack > pattern to be reported. This attribute SHOULD be used whenever > such identifier is available, but could be omitted if no such one > is available. In this case, either RawData or Reference elements, > or both of them, MUST be provided. > >> > Same issue with 'Platform', 'Vulnerability', 'Weakness', 'EventReport', > 'Verification'... > Also the other MUST-level requirement of ensuring consistency of the value > might be tested using a schematron schema, that could be a useful addition > if the goal of the schema is to provice automated verification. > > In the example, the foreign namespaces definition also include links to > schemas, it might be better to remove those and keep in the main schema > the list of possible namespaces (and their schemas), ie: keep the schema > referring to other schema for people requiring schema validation, and > remove verbosity in instances (it should affect only the definition of > XMLDATA). The downside being that the main schema needs to be updated > when the list in 4.1 is updated (and schema link should be in the list > in 4.1). > > HTH, > > [1] > <http://trac.tools.ietf.org/area/app/trac/wiki/ApplicationsAreaDirec > torate> > > -- > Baroula que barouleras, au tiéu toujou t'entourneras. > > ~~Yves > > _______________________________________________ > mile mailing list > mile@ietf.org > https://www.ietf.org/mailman/listinfo/mile
- [apps-discuss] Review of draft-ietf-mile-sci-02. Yves Lafon
- Re: [apps-discuss] [mile] Review of draft-ietf-mi… Takeshi Takahashi