Document Action: 'Real-time Inter-network Defense' to Informational RFC

The IESG <iesg@ietf.org> Tue, 17 August 2010 16:45 UTC

From: The IESG <iesg@ietf.org>
To: IETF Announcement list <ietf-announce@ietf.org>
Subject: Document Action: 'Real-time Inter-network Defense' to Informational RFC
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0
Message-Id: <20100817164548.A91C83A6845@core3.amsl.com>
Date: Tue, 17 Aug 2010 09:45:48 -0700
Cc: iab@iab.org, rfc-editor@rfc-editor.org
Precedence: list

The IESG has approved the following document:
- 'Real-time Inter-network Defense'
  <draft-moriarty-post-inch-rid-12.txt> as an Informational RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Tim Polk.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-moriarty-post-inch-rid/


Technical Summary
 
Network security incidents, such as system compromises, worms, viruses,
phishing incidents, and denial of service, typically result in the loss of
service, data, and resources both human and system.  To support
collaborative responses to such incidents, network providers and
Computer Security Incident Response Teams need tools and procedures
to support communications and tracing of security incidents.  This
document series includes this specification and 
draft-moriarty-post-inch-rid-transport.

This specification outlines an inter-network communication
method to facilitate sharing incident handling data while integrating
existing detection, tracing, source identification, and mitigation
mechanisms.  Example procedures, which are not required for
conformance to this specification, are included to further describe
environments where this communication method may be used. 

The companion document draft-moriarty-post-inch-rid-transport 
outlines the transport of IODEF and RID messages over HTTP/TLS.
 
Working Group Summary
 
This documents is not the product of any IETF working group.  The
document has been reviewed by IETF participants from several different
Areas, as well as prospective users of this specification outside of the
IETF.  The document was previously submitted to the IESG for publication
on the Standards track but was not approved.  These reviews have been 
incorporated into this version of the specification, which is intended for
publication as an Informational RFC.
 
Protocol Quality
 
Tim Polk reviewed these specifications for the IESG.

Note to RFC Editor
 
(1) Append the following paragraph to the abstract:

    RID has found use within the international research communities, 
    but has not been widely adopted in other sectors.  This publication
    provides the specification to those communities that have adopted 
    it, and communities currently considering solutions for real-time
    inter-network defense.    The specification may also accelerate
    development of solutions where different transports or message
    formats are required by leveraging the data elements and structures
    specified here.

(2) Insert the following as the next to last paragraph in section 1.2:

    At this point, RID has found use within the international research
    communities, but has not been widely adopted in other sectors.  This
    publication provides the specification to those communities that have
    adopted it, and communities currently considering solutions for
real-time
    inter-network defense.   The specification may also accelerate
    development of solutions where different transports or message
    formats are required by leveraging the data elements and structures
    specified here.

Document Action: 'Real-time Inter-network Defense… The IESG