RFC 8274 on Incident Object Description Exchange Format Usage Guidance
rfc-editor@rfc-editor.org Mon, 20 November 2017 20:40 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2855212EAAE; Mon, 20 Nov 2017 12:40:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id soml2ns7OSja; Mon, 20 Nov 2017 12:40:20 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA7D4120713; Mon, 20 Nov 2017 12:40:20 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 359C8B81AF4; Mon, 20 Nov 2017 12:40:18 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 8274 on Incident Object Description Exchange Format Usage Guidance
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, mile@ietf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20171120204018.359C8B81AF4@rfc-editor.org>
Date: Mon, 20 Nov 2017 12:40:18 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/JujoOz78cA1h7By6VWirBJ0GVUY>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Nov 2017 20:40:22 -0000
A new Request for Comments is now available in online RFC libraries. RFC 8274 Title: Incident Object Description Exchange Format Usage Guidance Author: P. Kampanakis, M. Suzuki Status: Informational Stream: IETF Date: November 2017 Mailbox: pkampana@cisco.com, mio@nict.go.jp Pages: 33 Characters: 67602 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-mile-iodef-guidance-11.txt URL: https://www.rfc-editor.org/info/rfc8274 DOI: 10.17487/RFC8274 The Incident Object Description Exchange Format (IODEF) v2 (RFC7970) defines a data representation that provides a framework for sharing information about computer security incidents commonly exchanged by Computer Security Incident Response Teams (CSIRTs) . Since the IODEF model includes a wealth of available options that can be used to describe a security incident or issue, it can be challenging for security practitioners to develop tools that leverage IODEF for incident sharing. This document provides guidelines for IODEF implementers. It addresses how common security indicators can be represented in IODEF and use-cases of how IODEF is being used. This document aims to make IODEF's adoption by vendors easier and encourage faster and wider adoption of the model by CSIRTs around the world. This document is a product of the Managed Incident Lightweight Exchange Working Group of the IETF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC