Re: [mile] [EXT] WGLC for CSIRT draft

Jessica Fitzgerald-McKay <jmfmckay@gmail.com> Mon, 21 October 2019 22:11 UTC

Return-Path: <jmfmckay@gmail.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A834C120A59 for <mile@ietfa.amsl.com>; Mon, 21 Oct 2019 15:11:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.998
X-Spam-Level:
X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dWGCbQHZMa5b for <mile@ietfa.amsl.com>; Mon, 21 Oct 2019 15:11:06 -0700 (PDT)
Received: from mail-ed1-x52f.google.com (mail-ed1-x52f.google.com [IPv6:2a00:1450:4864:20::52f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D278120A3F for <mile@ietf.org>; Mon, 21 Oct 2019 15:11:06 -0700 (PDT)
Received: by mail-ed1-x52f.google.com with SMTP id s20so5257770edq.9 for <mile@ietf.org>; Mon, 21 Oct 2019 15:11:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=45YAJXTf9XbJIPgc/XqC4v+FxxBK8tlXHVbFcjq1uPE=; b=hXBLzYOM8lKUdad1J+vRsRJ5N8B7aqLIWZTns9wa+5Lqaj5lfILsuS5NGS33f0clpq snwsdLa7CSBKU7cGXHYO5HyCYD59xI99tzWvOjKA6mkq0f4UFkwaTVRmL0EeLeiPEzIF bCyO3bhcbp1u02HJGFitywMOok5CxqgrCJjPdZ6atggiqU9FeXdv2goh6sqW/UDPJ9Au Luc/yzLvOQ4yNGTHzhNuuZuCb6VsCpqvtyk+muC9GKe6lBrkqR2DdKZOLn7yIOQOcBQk 9XlBQQCcCIBhT/rjENqj1s8DnV18RTQDXFnPbT/5oity4Ky0dL6mIp1VtEwZot3BWXnw D6bg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=45YAJXTf9XbJIPgc/XqC4v+FxxBK8tlXHVbFcjq1uPE=; b=c4MBpINda0aoGP2pPRgUkWaAVL01WlS3rBoc2Q5qycJTyZ9YMthrjHXnI7F8CnwDb+ Heh1Bgl8iQigqklo2J6mabAfb4DY+R4DNEy+cHkD/un0Jjx8r0Cf49N9sftperodEmU0 CRqJsGh6Xz3TWf6mOi21xu4bDnnKZ63r8WYnvacFRCXGiW2k98PUfz2kitWvpRXG3cLe /SoE5/PIMrNj2R3wWL8ZMjKThMTSHGK8vYKskuikBbeW+VmWMDgrEuROL2940nljF2cF GUkSwcOSvfXPk0LS2KgFMcy1YyKpcRou4PcXT8QcBFjL/RijgXsDHt9qHuiE2ALlT6Iq b2og==
X-Gm-Message-State: APjAAAXJAYigqLkO538h+tqfoFQkOb8ZiMCDofSdABmwKnz8z3+blE6+ 9H6u2sL63HusfHoZrntQkYeyLgxOuPVTCF/EYZyXH0HZ
X-Google-Smtp-Source: APXvYqzTlXtr4PyvsHO79cFB0aLcbURmHzPqhfwdB+d4rA5W7dxqztcMdAYn3prkA3TOCzCrKB62Wso2ScLQ5kqjfGE=
X-Received: by 2002:a05:6402:1454:: with SMTP id d20mr28424818edx.53.1571695864653; Mon, 21 Oct 2019 15:11:04 -0700 (PDT)
MIME-Version: 1.0
References: <4825_1569270505_5D892AE8_4825_140_1_3EDB65E2-A3CE-4A85-82CE-DFF0B7D02C1C@cisco.com> <D057D3CA-F560-41F1-80BF-EF9F2B7C425F@mitre.org>
In-Reply-To: <D057D3CA-F560-41F1-80BF-EF9F2B7C425F@mitre.org>
From: Jessica Fitzgerald-McKay <jmfmckay@gmail.com>
Date: Mon, 21 Oct 2019 18:10:51 -0400
Message-ID: <CAM+R6NVaM9VYH2dNcsWFTj87y9ezGDNqTN7r_Dv0Jwrqsdhcew@mail.gmail.com>
To: "Haynes Jr., Dan" <dhaynes@mitre.org>
Cc: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "mile@ietf.org" <mile@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b5299e059572f5a8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/byFWS3kDZrAbgcGKy1mczCFNufA>
Subject: Re: [mile] [EXT] WGLC for CSIRT draft
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Oct 2019 22:11:09 -0000

A few more nits. When these and Danny's edits are addresses, this document
is ready to move forward.

Thanks,
Jess

Introduction- Expand CSIRT on first use
                  - change "ensure the security of their systems" to
"improve the security of their systems"
Section 4.3- edit MISP document section to avoid ending on a preposition
("actively being worked on")
      - link to the MISP drafts, as informative references
Section 8- edit first comma in first sentence to a semi colon or period

On Mon, Oct 21, 2019 at 4:38 PM Haynes Jr., Dan <dhaynes@mitre.org>; wrote:

> Hi Nancy and Stephen,
>
>
>
> I have some minor nits and questions.
>
>
>
>    - Abstract
>       - Change “This document extends…to add the information type
>       categories…(CSIRT) use cases.” to “This document extends…to add the
>       indicator and incident information type categories…(CSIRT) use cases.”
>       - Remove “The indicator and incident information types are defined
>       as ROLIE extensions.”
>    - Section 2
>       - Should this also reference RFC 8174?
>    - Section 3.1
>       - Change “…that in is the abstract realm…” to “…that is in the
>       abstract realm…”.
>    - Section 3.1
>       - Change “Some examples of indicator information is provided
>       below,…” to “Some examples of indicator information are provided below,…”.
>    - Section 4.2.2
>       - Is “Feed” a defined term?
>    - Section 4.3
>       - Change “day-to=day” should be “day-to-day”.
>    - Section 4.3.1
>       - Bullet 4: Change “…element in the attached MISP Event .” to
>       “…element in the attached MISP Event.”.
>       - Bullet 5: Change “This ensures better compatibility…and a MISP
>       Manifest” to “This ensures better compatibility…and a MISP Manifest.”.
>    - Section 5.1
>       - Change “If a ROLIE server supports…MUST be support” to “If a
>       ROLIE server supports the incident information-type, then these link
>       relations MUST be supported.”
>    - Section 5.2
>       - Change “If a ROLIE server supports…MUST be supported.” to “If a
>       ROLIE server supports the indicator information-type, then these link
>       relations MUST be supported.”
>    - Section 8
>       - Change “When sharing IODEF 2 documents…” to “When sharing IODEF
>       Version 2 documents.”.
>
>
>
> Beyond that, I am comfortable with moving this draft forward.
>
>
>
> Thanks,
>
> Danny
>
>
>
> *From: *mile <mile-bounces@ietf.org>; on behalf of "Nancy Cam-Winget
> (ncamwing)" <ncamwing@cisco.com>;
> *Date: *Monday, September 23, 2019 at 4:29 PM
> *To: *"mile@ietf.org"; <mile@ietf.org>;
> *Subject: *[EXT] [mile] WGLC for CSIRT draft
>
>
>
> Fellow MILE participants,
>
>
>
> This is a Working Group Last Call for
> https://datatracker.ietf.org/doc/draft-ietf-mile-rolie-csirt/
>
>
>
> Please provide your review and feedback to the draft’s readiness by Oct 21
> st so that we can move it forward.
>
>
>
> Warm regards,
>
>                 Nancy
> _______________________________________________
> mile mailing list
> mile@ietf.org
> https://www.ietf.org/mailman/listinfo/mile
>