Re: [mile] Consensus Call - SCI draft MMDEF as MTI

"Takeshi Takahashi" <takeshi_takahashi@nict.go.jp> Sat, 23 March 2013 08:17 UTC

From: Takeshi Takahashi <takeshi_takahashi@nict.go.jp>
To: mile@ietf.org
Date: Sat, 23 Mar 2013 17:16:56 +0900
Subject: Re: [mile] Consensus Call - SCI draft MMDEF as MTI

Hi all,

I remember the discussion on the EICAR and agree with David's kind
suggestion.
The attached is the revised SCI draft, whose section 10 talks about the
EICAR (with an example XML).

Kind regards,
Take


> -----Original Message-----
> From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf Of
> Black, David
> Sent: Thursday, March 14, 2013 11:54 PM
> To: Moriarty, Kathleen; mile@ietf.org
> Subject: Re: [mile] Consensus Call - SCI draft MMDEF as MTI
> 
> I support MMDEF as the MTI, and since MMDEF is a malware spec, I'd like to
> resurrect a previously-discussed suggestion that the SCI draft include
> discussion of the "EICAR Standard Anti-Virus Test File" as a specific example
> that SHOULD (or MUST?) be supported for black-box testing purposes.
> 
> See: http://www.eicar.org/86-0-Intended-use.html
> 
> Thanks,
> --David
> 
> > -----Original Message-----
> > From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf
> > Of Moriarty, Kathleen
> > Sent: Thursday, March 14, 2013 10:38 AM
> > To: Panos Kampanakis (pkampana); mile@ietf.org
> > Subject: Re: [mile] Consensus Call - SCI draft MMDEF as MTI
> >
> > Hello Panos,
> >
> > Thank you for joining us remotely!  The recording is available for
> > those who were not able to attend during the session.
> >
> > We need to choose one included schema as MTI for 'black box' testing
> > of the method described.  Essentially, if you can exchange using the
> > MTI spec, then any other specs supported should theoretically work as
> > the pattern has been established.
> >
> > MMDEF was recommended as it is in use by the eCrime WG as an extension
> > to IODEF/RFC5901.  It replaced the method to include malware in
> > exchanges and seemed to make sense to adopt more broadly as it is
> > maintained by a group in IEEE focused on that particular problem.
> >
> > BTW, I meant to say the last call will end in two weeks from
> > yesterday, Wednesday March 27th.
> >
> > Thank you!
> > Kathleen
> > ________________________________________
> > From: Panos Kampanakis (pkampana) [pkampana@cisco.com]
> > Sent: Thursday, March 14, 2013 9:59 AM
> > To: Moriarty, Kathleen; mile@ietf.org
> > Subject: RE: Consensus Call - SCI draft MMDEF as MTI
> >
> > I agree with MMDEF included in SCI.
> > I am not sure why it must be MTI. Due to some audio problems I missed
> > part of the call yesterday. Can you briefly summarize why we want it MTI?
> >
> > -----Original Message-----
> > From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf
> > Of Moriarty, Kathleen
> > Sent: Wednesday, March 13, 2013 3:04 PM
> > To: mile@ietf.org
> > Subject: [mile] Consensus Call - SCI draft MMDEF as MTI
> >
> > Hello,
> >
> > In today's MILE session, a call for consensus began to include MMDEF
> > in the SCI draft as the mandatory-to-implement (MTI) specification.
> > The call for consensus will last for 2 weeks and we ask that you contribute
> > your opinion.
> > The vote in the room was unanimous and we want to make sure we hear
> > from participants not in attendance.
> >
> > Poll will end on Wednesday next week.
> >
> > Thank you!
> > Kathleen
> > _______________________________________________
> > mile mailing list
> > mile@ietf.org
> > https://www.ietf.org/mailman/listinfo/mile