[mile] Hello, my comments on draft-banghart-mile-rolie-csirt-01:

"Xialiang (Frank)" <frank.xialiang@huawei.com> Thu, 20 July 2017 07:13 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/esiN1uZ2SkLkRhwtho6x7hf7vXs>

Hi authors,
I have reviewed this draft; it's a useful extension of ROLIE for CSIRT teams for security information sharing.
Right now, I can see that this draft is generally not complicated, so it is in good shape and well written. I just have several comments on it, as follows:

1. Tables 1~3 have the same title, which makes it difficult to know what each of them is for; it would be helpful to have a more specific title for each table.

2. The current draft covers two primary types of information: incidents and indicators. Is there a plan to add more types in the future, given that IODEF actually has more types of security-related information that can be referenced?

3. People who are not CSIRT experts may not be clear why you propose the current information elements required for the CSIRT exchange in Section 6. Is it helpful to have some background information explaining this?

Generally, I think this draft is useful and heading in a good direction, but I still find there are some parts missing or not fully described. So go ahead and encourage more discussion in the WG~~

B.R.
Frank