Re: [mile] I-D Action: draft-ietf-mile-rolie-00.txt
Daisuke MIYAMOTO <daisu-mi@nc.u-tokyo.ac.jp> Wed, 25 March 2015 00:19 UTC
Return-Path: <daisu-mi@nc.u-tokyo.ac.jp>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E30F1A1BF6 for <mile@ietfa.amsl.com>; Tue, 24 Mar 2015 17:19:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.599
X-Spam-Level:
X-Spam-Status: No, score=0.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wcP0SsP4YlrU for <mile@ietfa.amsl.com>; Tue, 24 Mar 2015 17:19:10 -0700 (PDT)
Received: from skyblue2.nc.u-tokyo.ac.jp (skyblue2.nc.u-tokyo.ac.jp [133.11.124.21]) by ietfa.amsl.com (Postfix) with ESMTP id CF4F51A1BBC for <mile@ietf.org>; Tue, 24 Mar 2015 17:19:09 -0700 (PDT)
Received: from [IPv6:2001:67c:370:176:84f8:2e39:c010:bafc] (unknown [IPv6:2001:67c:370:176:84f8:2e39:c010:bafc]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by skyblue2.nc.u-tokyo.ac.jp (Postfix) with ESMTPSA id A5139B9CC02A; Wed, 25 Mar 2015 09:19:07 +0900 (JST)
Message-ID: <5511FEF8.3070105@nc.u-tokyo.ac.jp>
Date: Wed, 25 Mar 2015 09:19:04 +0900
From: Daisuke MIYAMOTO <daisu-mi@nc.u-tokyo.ac.jp>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: Takeshi Takahashi <takeshi_takahashi@nict.go.jp>, mile@ietf.org
References: <20141205174650.22807.53069.idtracker@ietfa.amsl.com> <001b01d014e0$38851520$a98f3f60$@nict.go.jp>
In-Reply-To: <001b01d014e0$38851520$a98f3f60$@nict.go.jp>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/mile/TbY_yQs-_zvUlGuIN8PezKfvpxo>
Subject: Re: [mile] I-D Action: draft-ietf-mile-rolie-00.txt
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Mar 2015 00:19:12 -0000
Dear John, Take and all, Thank you very much for your contribution. Your proposal, restful API will surely accelerate incident response procedure. I have a question about Table 2, "Link Relations for Resource-Oriented Lightweight Indicator Exchange" in the draft. http://tools.ietf.org/html/draft-ietf-mile-rolie-00 Here listed the very practical link relations, but how can we get data for "campaign" and "attacker" ? I think that these were not contained in IODEF, but there were possibility of reading them from STIX-format included in IODEF-SCI. I appreciate your clarification. Kind regards, Daisuke On 2014/12/11 10:17, Takeshi Takahashi wrote: > Hi John and all, > > Thank you very much for bringing the draft back again to the MILE ! > > My understanding on this draft was that people in MILE were generally in > favor of moving this draft forward some time ago, but the draft was expired > since we were all busy for considering the main specs of IODEF and RID. > IMHO, I believe it is a good timing to review and complete this work. > > Here is one comment. > I think the main content is not affected by the emergence of the IODEF-bis, > except the examples mentioned in the draft, correct? > Since the IODEF-bis will be finalized soon, we could review the example > using the IODEF-bis (the IODEF-bis does not have complete backward > compatibility) once the IODEF-bis reaches to the final stage. > Another comment is that, as with the enum-draft, this draft could be refined > so that it could be used or acknowledged by the SACM WG. > > In my personal opinion, I wish to see the draft to be a WG draft, so that we > can receive more reviews on this draft. > (According to the charter, we were supposed to submit the draft to the IESG > on Jan 2015.) > > All, could you share your feeling on this draft? > > Thank you. > Take > > > > > >> -----Original Message----- >> From: mile [mailto:mile-bounces@ietf.org] On Behalf Of >> internet-drafts@ietf.org >> Sent: Saturday, December 6, 2014 2:47 AM >> To: i-d-announce@ietf.org >> Cc: mile@ietf.org >> Subject: [mile] I-D Action: draft-ietf-mile-rolie-00.txt >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Managed Incident Lightweight Exchange >> Working Group of the IETF. >> >> Title : Resource-Oriented Lightweight Indicator >> Exchange >> Author : John P. Field >> Filename : draft-ietf-mile-rolie-00.txt >> Pages : 45 >> Date : 2014-12-05 >> >> Abstract: >> This document defines a resource-oriented approach to cyber security >> information sharing. Using this approach, a CSIRT or other >> stakeholder may share and exchange representations of cyber security >> incidents, indicators, and other related information as Web- >> addressable resources. The transport protocol binding is specified >> as HTTP(S) with a MIME media type of Atom+XML. An appropriate set of >> link relation types specific to cyber security information sharing is >> defined. The resource representations leverage the existing IODEF >> [RFC5070] and RID [RFC6545] specifications as appropriate. >> Coexistence with deployments that conform to existing specifications >> including RID [RFC6545] and Transport of Real-time Inter-network >> Defense (RID) Messages over HTTP/TLS [RFC6546] is supported via >> appropriate use of HTTP status codes. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-mile-rolie/ >> >> There's also a htmlized version available at: >> http://tools.ietf.org/html/draft-ietf-mile-rolie-00 >> >> >> Please note that it may take a couple of minutes from the time of > submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> mile mailing list >> mile@ietf.org >> https://www.ietf.org/mailman/listinfo/mile > > _______________________________________________ > mile mailing list > mile@ietf.org > https://www.ietf.org/mailman/listinfo/mile >
- Re: [mile] I-D Action: draft-ietf-mile-rolie-00.t… Daisuke MIYAMOTO
- [mile] I-D Action: draft-ietf-mile-rolie-00.txt internet-drafts
- Re: [mile] I-D Action: draft-ietf-mile-rolie-00.t… Takeshi Takahashi