IETF Logo Mail Archive

Re: [mile] Consensus Call - SCI draft MMDEF as MTI

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Thu, 14 March 2013 15:28 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55BE211E82C1 for <mile@ietfa.amsl.com>; Thu, 14 Mar 2013 08:28:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wkBWnPgwLgan for <mile@ietfa.amsl.com>; Thu, 14 Mar 2013 08:28:13 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id AF02211E82C6 for <mile@ietf.org>; Thu, 14 Mar 2013 08:28:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2430; q=dns/txt; s=iport; t=1363274890; x=1364484490; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=YMmI1NKKCt1uH80xKnkZHCuGRbHdhxKy+vhTwLbE5bA=; b=T2H3wC/eOTR5laoz2KwxESLk8SX6xE1phbZIBD2BILmg0EqD7MHCJ0VO mNhdDr99QcqEIfw7GCA58juZDyhZUKYUtiDF9ygeC3GfkLslCNC0wQnfC 2X3jNsUXsNW77cMbCtEqkUyTPThub07iLdEMaAma8ESXYcxfR+96Xzg9K Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgEFAJzqQVGtJV2a/2dsb2JhbABDxHiBYhZ0gioBAQEEAQEBGh00FwQCAQgRBAEBCxQJBycLFAkIAgQBEgiIDAzBMASOXyYSBoJZYQOnWoMKgig
X-IronPort-AV: E=Sophos;i="4.84,845,1355097600"; d="scan'208";a="187479946"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-7.cisco.com with ESMTP; 14 Mar 2013 15:28:10 +0000
Received: from xhc-aln-x15.cisco.com (xhc-aln-x15.cisco.com [173.36.12.89]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id r2EFS9Bj015081 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 14 Mar 2013 15:28:09 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.195]) by xhc-aln-x15.cisco.com ([173.36.12.89]) with mapi id 14.02.0318.004; Thu, 14 Mar 2013 10:28:09 -0500
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "Moriarty, Kathleen" <kathleen.moriarty@emc.com>, "mile@ietf.org" <mile@ietf.org>
Thread-Topic: Consensus Call - SCI draft MMDEF as MTI
Thread-Index: AQHOIB2WPSqPazjoCkaiTRDs9BRkd5ilNp0ggAAKlk6AAA88oA==
Date: Thu, 14 Mar 2013 15:28:08 +0000
Message-ID: <1C9F17D1873AFA47A969C4DD98F98A7519298A@xmb-rcd-x10.cisco.com>
References: <F5063677821E3B4F81ACFB7905573F24D79BE5CD@MX15A.corp.emc.com>, <1C9F17D1873AFA47A969C4DD98F98A751926C4@xmb-rcd-x10.cisco.com> <F5063677821E3B4F81ACFB7905573F24D79BE5F0@MX15A.corp.emc.com>
In-Reply-To: <F5063677821E3B4F81ACFB7905573F24D79BE5F0@MX15A.corp.emc.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [64.102.89.108]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [mile] Consensus Call - SCI draft MMDEF as MTI
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mile>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Mar 2013 15:28:18 -0000

Makes sense.  I thought that CVE was MTI in the SCI draft. At least that is my recollection from previous descussions.
But I agree with MMDEF being the MTI also.
Rgs,
Panos


-----Original Message-----
From: Moriarty, Kathleen [mailto:kathleen.moriarty@emc.com] 
Sent: Thursday, March 14, 2013 10:38 AM
To: Panos Kampanakis (pkampana); mile@ietf.org
Subject: RE: Consensus Call - SCI draft MMDEF as MTI

Hello Panos,

Thank you for joining us remotely!  The recording is available for those who were not able to attend during the session.

We need to choose one included schema as MTI for 'black box' testing of the method described.  Essentially, if you can exchange using the MTI spec, then any other specs supported should theoretically work as the pattern has been established.

MMDEF was recommended as it is in use by the eCrime WG as an extension to IODEF/RFC5901.  It replaced the method to include malware in exchanges and seemed to make sense to adopt more broadly as it is maintained by a group in IEEE focused on that particular problem.

BTW, I meant to say the last call will end in two weeks from yesterday, Wednesday March 27th.

Thank you!
Kathleen
________________________________________
From: Panos Kampanakis (pkampana) [pkampana@cisco.com]
Sent: Thursday, March 14, 2013 9:59 AM
To: Moriarty, Kathleen; mile@ietf.org
Subject: RE: Consensus Call - SCI draft MMDEF as MTI

I agree with MMDEF included in SCI.
I am not sure why it must be MTI. Due to some audio problems I missed part of the call yesterday. Can you briefly summarize why we want it MTI?

-----Original Message-----
From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf Of Moriarty, Kathleen
Sent: Wednesday, March 13, 2013 3:04 PM
To: mile@ietf.org
Subject: [mile] Consensus Call - SCI draft MMDEF as MTI

Hello,

In today's MILE session, a call for consensus began to include MMDEF in the SCI draft as the mandatory-to-implement (MTI) specification.  The call for consensus will last for 2 weeks and we ask that you contribute your opinion.  The vote in the room was unanimous and we want to make sure we hear from participants not in attendance.

Poll will end on Wednesday next week.

Thank you!
Kathleen
_______________________________________________
mile mailing list
mile@ietf.org
https://www.ietf.org/mailman/listinfo/mile

v2.23.0 | Report a Bug | By Email