Re: [mile] Consensus Call - SCI draft MMDEF as MTI

"Black, David" <david.black@emc.com> Thu, 14 March 2013 14:54 UTC

From: "Black, David" <david.black@emc.com>
To: "Moriarty, Kathleen" <kathleen.moriarty@emc.com>, "mile@ietf.org" <mile@ietf.org>
Date: Thu, 14 Mar 2013 10:53:43 -0400

I support MMDEF as the MTI, and since MMDEF is a malware spec, I'd like
to resurrect a previously-discussed suggestion that the SCI draft include
discussion of the "EICAR Standard Anti-Virus Test File" as a specific
example that SHOULD (or MUST?) be supported for black-box testing purposes.

See: http://www.eicar.org/86-0-Intended-use.html

Thanks,
--David

> -----Original Message-----
> From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf Of
> Moriarty, Kathleen
> Sent: Thursday, March 14, 2013 10:38 AM
> To: Panos Kampanakis (pkampana); mile@ietf.org
> Subject: Re: [mile] Consensus Call - SCI draft MMDEF as MTI
> 
> Hello Panos,
> 
> Thank you for joining us remotely!  The recording is available for those who
> were not able to attend during the session.
> 
> We need to choose one included schema as MTI for 'black box' testing of the
> method described.  Essentially, if you can exchange using the MTI spec, then
> any other specs supported should theoretically work as the pattern has been
> established.
> 
> MMDEF was recommended as it is in use by the eCrime WG as an extension to
> IODEF/RFC5901.  It replaced the method to include malware in exchanges and
> seemed to make sense to adopt more broadly as it is maintained by a group in
> IEEE focused on that particular problem.
> 
> BTW, I meant to say the last call will end in two weeks from yesterday,
> Wednesday March 27th.
> 
> Thank you!
> Kathleen
> ________________________________________
> From: Panos Kampanakis (pkampana) [pkampana@cisco.com]
> Sent: Thursday, March 14, 2013 9:59 AM
> To: Moriarty, Kathleen; mile@ietf.org
> Subject: RE: Consensus Call - SCI draft MMDEF as MTI
> 
> I agree with MMDEF included in SCI.
> I am not sure why it must be MTI. Due to some audio problems I missed part of
> the call yesterday. Can you briefly summarize why we want it MTI?
> 
> -----Original Message-----
> From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf Of
> Moriarty, Kathleen
> Sent: Wednesday, March 13, 2013 3:04 PM
> To: mile@ietf.org
> Subject: [mile] Consensus Call - SCI draft MMDEF as MTI
> 
> Hello,
> 
> In today's MILE session, a call for consensus began to include MMDEF in the
> SCI draft as the mandatory-to-implement (MTI) specification.  The call for
> consensus will last for 2 weeks and we ask that you contribute your opinion.
> The vote in the room was unanimous and we want to make sure we hear from
> participants not in attendance.
> 
> Poll will end on Wednesday next week.
> 
> Thank you!
> Kathleen
> _______________________________________________
> mile mailing list
> mile@ietf.org
> https://www.ietf.org/mailman/listinfo/mile