[mile] Finding documents
<kathleen.moriarty@emc.com> Fri, 07 October 2011 16:57 UTC
From: kathleen.moriarty@emc.com
To: mile@ietf.org
Date: Fri, 07 Oct 2011 13:00:26 -0400
Hello,

For those new to the IETF, it may not seem straightforward yet to find documents that are posted for review and comment. I am forwarding the charter as it lists the name of each draft. I usually Google the name of a document to find the most current version.

The GRC-Exchange update is located at the following link:
https://datatracker.ietf.org/doc/draft-moriarty-mile-grc-exchange/

If you use the tracker tool, you will get the latest version of a document. You can see it is just the file name without the version. If we move to a working group, the working group page would include links to each of the working documents.

Here are the names of each of the documents that have been submitted. The drafts under consideration as WG items include:

* Real-time Inter-network Defense (RID) bis: draft-moriarty-mile-rfc6045-bis-01.txt
* Transport of Real-time Inter-network Defense (RID) Messages bis: draft-trammell-mile-rfc6046-bis-00.txt
* Template for extensions to IODEF: draft-trammell-mile-template-01.txt
* IODEF Extensions in IANA XML Registry: draft-trammell-mile-iodef-xmlreg-00.txt
* GRC Report Exchange (Generalized RID for XML reports/documents): draft-moriarty-mile-grc-exchange-01.txt
* IODEF-extension to support structured cybersecurity information: draft-takahashi-mile-sci-00.txt
* IODEF Extension, Labeling for data protection, retention, policies, and regulations: draft-goodier-mile-data-markers-00.txt

Thanks,
Kathleen

-----Original Message-----
From: Moriarty, Kathleen
Sent: Monday, October 03, 2011 9:39 AM
To: Moriarty, Kathleen; mile@ietf.org
Subject: RE: Proposed MILE charter

Hello,

We had another draft submitted that could be used as initial input. I am adding to the list. It is a first draft, so there are a few things that need to be tweaked (draft name).

Thanks,
Kathleen

Managed Incident Lightweight Exchange (mile)
--------------------------------------------

Proposed Working Group Charter

Chairs:
  TBD

Security Area Directors:
  Stephen Farrell <stephen.farrell@cs.tcd.ie>
  Sean Turner <turners@ieca.com>

Security Area Advisor:
  Sean Turner <turners@ieca.com>

Mailing Lists:
  General Discussion: mile@ietf.org
  To Subscribe: http://www.ietf.org/mailman/listinfo/mile
  Archive: http://www.ietf.org/mail-archive/web/mile

Description:

The Managed Incident Lightweight Exchange (MILE) working group will develop standards and extensions for the purpose of improving incident information sharing and handling capabilities based on the work developed in the IETF Extended INCident Handling (INCH) working group. The Incident Object Description Exchange Format (IODEF) in RFC5070 and Real-time Inter-network Defense (RID) in RFC6045 were developed in the INCH working group by international Computer Security Incident Response Teams (CSIRTs) and industry to meet the needs of a global community interested in sharing, handling, and exchanging incident information. The extensions and guidance created by the MILE working group assist with the daily operations of CSIRTs at an organization, service provider, law enforcement, and at the country level. The application of IODEF and RID to interdomain incident information cooperative exchange and sharing has recently expanded and the need for extensions has become more important. Efforts continue to deploy IODEF and RID, as well as to extend them to support specific use cases covering reporting and mitigation of current threats such as anti-phishing extensions.

An incident could be a benign configuration issue, IT incident, an infraction to a service level agreement (SLA), a system compromise, socially engineered phishing attack, or a denial-of-service (DoS) attack, etc. When an incident is detected, the response may include simply filing a report, notification to the source of the incident, a request to a third party for resolution/mitigation, or a request to locate the source. IODEF defines a data representation that provides a standard format for sharing information commonly exchanged about computer security incidents. RID enables the secure exchange of incident related information in an IODEF format providing options for security, privacy, and policy setting.

MILE leverages collaboration and sharing experiences with the work developed in the INCH working group which includes the data model detailed in the IODEF, existing extensions to the IODEF for Anti-phishing (RFC5901), and RID (RFC6045, RFC6046) for the secure exchange of information. MILE will also leverage the experience gained in using IODEF and RID in operational contexts. Related work, drafted outside of INCH will also be reviewed and includes RFC5941, Sharing Transaction Fraud Data.

The MILE working group provides coordination for these various extension efforts to improve the capabilities for exchanging incident information. MILE has several objectives with the first being a description of a subset of IODEF focused on ease of deployment and applicability to current information security data sharing use cases. MILE also describes a generalization of RID for secure exchange of other security-relevant XML formats. MILE produces additional guidance needed for the successful exchange of incident information for new use cases according to policy, security, and privacy requirements. Finally, MILE produces a document template with guidance for defining IODEF extensions to be followed when producing extensions to IODEF as appropriate, for:

* labeling incident reports with data protection, data retention, and other policies, regulations, and laws restricting the handling of those reports
* referencing structured security information from within incident reports
* reporting forensic data generated during an incident investigation (computer or accounting)

The WG will produce the following:

* An informational document on IODEF Guidance.
* A Standards Track document specifying the Real-time Inter-network Defense (RID).
* A Standards Track document specifying the transport for RID.
* An informational template for extensions to IODEF.
* A Standards Track document for IODEF Extensions in IANA XML Registry.
* A Standards Track document for IODEF Extension to support structured cybersecurity information.
* A Standards Track document for Labeling for data protection, retention, policies, and regulations.
* A Standards Track document for GRC Report Exchange.
* A Standards Track document for IODEF Extension to support forensics.

The drafts under consideration as WG items include:

* Real-time Inter-network Defense (RID) bis: draft-moriarty-mile-rfc6045-bis-01.txt
* Transport of Real-time Inter-network Defense (RID) Messages bis: draft-trammell-mile-rfc6046-bis-00.txt
* Template for extensions to IODEF: draft-trammell-mile-template-01.txt
* IODEF Extensions in IANA XML Registry: draft-trammell-mile-iodef-xmlreg-00.txt
* GRC Report Exchange (Generalized RID for XML reports/documents): draft-moriarty-mile-grc-exchange-01.txt
* IODEF-extension to support structured cybersecurity information: draft-takahashi-mile-sci-00.txt
* IODEF Extension, Labeling for data protection, retention, policies, and regulations: draft-goodier-mile-data-markers-00.txt

Milestones

WGLC = Working Group Last Call

2011-11 - WGLC Real-time Inter-network Defense (RID)
2011-11 - WGLC Transport for Real-time Inter-network Defense (RID)
2011-12 - Submit Real-time Inter-network Defense (RID) to IESG for consideration as Standards Track document
2011-12 - Submit Transport Real-time Inter-network Defense (RID) to IESG for consideration as Standards Track document
2011-12 - WGLC Template for extensions to IODEF
2011-12 - WGLC IODEF Extensions in IANA XML Registry
2011-12 - WGLC IODEF Extension to support structured cybersecurity information
2012-02 - Submit Template for extensions to IODEF to IESG for consideration as Informational document
2012-02 - Submit IODEF Extensions in IANA XML Registry to IESG for consideration as Standards Track document
2012-02 - Submit IODEF Extension to support structured cybersecurity information to IESG for consideration as Standards Track document
2012-03 - WGLC IODEF Extension Labeling for data protection, retention, policies, and regulations
2012-03 - WGLC IODEF Guidance
2012-04 - Submit IODEF Extension Labeling for data protection, retention, policies, and regulations to IESG for consideration as Standards Track document
2012-04 - Submit WGLC IODEF Guidance to IESG for consideration as Informational document
2012-05 - WGLC GRC Report Exchange
2012-06 - Submit GRC Report Exchange to IESG for consideration as Standards Track document
2012-06 - WGLC Forensics extension
2012-07 - Submit IODEF Forensics extension to IESG for consideration as Standards Track document