Re: [mile] early AD-review of draft-ietf-mile-template
Sean Turner <turners@ieca.com> Thu, 26 April 2012 19:36 UTC
Return-Path: <turners@ieca.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60B4D21E8179 for <mile@ietfa.amsl.com>; Thu, 26 Apr 2012 12:36:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.277
X-Spam-Level:
X-Spam-Status: No, score=-102.277 tagged_above=-999 required=5 tests=[AWL=-0.012, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZGlJIMADnR0p for <mile@ietfa.amsl.com>; Thu, 26 Apr 2012 12:36:25 -0700 (PDT)
Received: from gateway01.websitewelcome.com (gateway01.websitewelcome.com [69.56.212.19]) by ietfa.amsl.com (Postfix) with ESMTP id ADE7121E8151 for <mile@ietf.org>; Thu, 26 Apr 2012 12:36:25 -0700 (PDT)
Received: by gateway01.websitewelcome.com (Postfix, from userid 5007) id 1CA0A461A6316; Thu, 26 Apr 2012 14:36:25 -0500 (CDT)
Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway01.websitewelcome.com (Postfix) with ESMTP id 11B18461A62F6 for <mile@ietf.org>; Thu, 26 Apr 2012 14:36:25 -0500 (CDT)
Received: from [71.191.6.129] (port=44255 helo=thunderfish.local) by gator1743.hostgator.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <turners@ieca.com>) id 1SNUUK-0005Bi-HX; Thu, 26 Apr 2012 14:36:24 -0500
Message-ID: <4F99A3B7.3070904@ieca.com>
Date: Thu, 26 Apr 2012 15:36:23 -0400
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:11.0) Gecko/20120327 Thunderbird/11.0.1
MIME-Version: 1.0
To: kathleen.moriarty@emc.com
References: <4F999FB4.5070403@ieca.com> <AE31510960917D478171C79369B660FA0E9532A1CD@MX06A.corp.emc.com>
In-Reply-To: <AE31510960917D478171C79369B660FA0E9532A1CD@MX06A.corp.emc.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator1743.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: pool-71-191-6-129.washdc.east.verizon.net (thunderfish.local) [71.191.6.129]:44255
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 9
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20=
Cc: mile@ietf.org
Subject: Re: [mile] early AD-review of draft-ietf-mile-template
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mile>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Apr 2012 19:36:26 -0000
Sure or you could point to both or neither ;) spt On 4/26/12 3:31 PM, kathleen.moriarty@emc.com wrote: > Thanks, Sean! > > In an attempt to help at #2, we could also consider the following definition of an incident (section 2.2.7) from early work setting the initial IODE requirements. The definition covers a security incident and an IT incident. > > http://tools.ietf.org/html/rfc3067 > > Thanks, > Kathleen > > -----Original Message----- > From: mile-bounces@ietf.org [mailto:mile-bounces@ietf.org] On Behalf Of Sean Turner > Sent: Thursday, April 26, 2012 3:19 PM > To: mile@ietf.org > Subject: [mile] early AD-review of draft-ietf-mile-template > > Here's my early AD-review. > > spt > > -------------- > > 1) s1: r/a section Appendix A/a section (Appendix A) > > 2) s1: r/of an Internet-Draft/for an Internet-Draft > > 3) s2, bullet 1: Definition of "incident": Not sure if you want to do > this, but there's a definition in RFC 4949 (the internet security > glossary) for incident and that points to security incident: > > $ security incident > 1. (I) A security event that involves a security violation. (See: > CERT, security event, security intrusion, security violation.) > > I think this is also pretty vague, but it might give those who need a > clue maybe some more clue. Basically just add an informative reference > to RFC 4949. Up to you. > > 4) s2, bullet 2: Contains the following statement: > > If, after detailed examination of the problem area and > the IODEF specification, ... > > How about we add the concept of examination *and consultation* to not so > subtly suggest that people openly talk about their idea with this > community (or at least somebody in the know) before embarking on doing > an internet-draft. So maybe: > > If, after detailed examination and consultation (possibly with the > IODEF Expert reviewer) of the problem area and the IODEF > specification, ... > > * Trying to figure out where the IODEF expert will be listed so we can > point to it, but we can add the pointer later. > > 5) s7.1: > > The reference for 5226 is probably now informative? > > Update the reference to 6545. > > Drop reference to 3688. > > 6) Appendix A: I'm mildly concerned that somebody will read this and say > "well hold on there you might be conflicting with the RFC editor's > requirements." I think you probably need to add some text in the intro > that says that any rules, as specified by the RFC editor, obviously take > precedent to anything in this draft and that the latest version of the > RFC editor's style guide should be consulted > (http://www.rfc-editor.org/styleguide.html) for additional instructions. > Might also be worth mentioning that you're not going to talk about the > abstract, status of this memo, copy right, and author addresses sections. > > 7) A.4.1: Can the types be extended/updated? If so, then should that be > mentioned here? > > 8) In A.5 it's worth noting that this section is required by the RFC > editor. You might also be worth an informative reference to RFC 3552 - > though some people dislike this RFC (adding this reference is up to you). > > 9) A.6: Isn't the point of an extension document is that something is > *always* registered? If it is, then isn't this section always required? > > 10) A.7: Worth pointing out that this is required by the RFC editor. > > 11) A.8: r/should/will in the following: > > Each of the examples in section > Appendix A.9 should be verified to validate against this schema by > automated tools. > > Under what circumstance would they not be? > > 12) A.8 and A.9 and I guess all appendices in this draft, should we > require that they explicitly be marked as normative parts of the document? > > 13) Appendix B: Should we make up something to register as opposed to > using something real? Maybe something like lottery #? > _______________________________________________ > mile mailing list > mile@ietf.org > https://www.ietf.org/mailman/listinfo/mile > >
- [mile] early AD-review of draft-ietf-mile-template Sean Turner
- Re: [mile] early AD-review of draft-ietf-mile-tem… kathleen.moriarty
- Re: [mile] early AD-review of draft-ietf-mile-tem… Sean Turner
- Re: [mile] early AD-review of draft-ietf-mile-tem… Brian Trammell
- Re: [mile] early AD-review of draft-ietf-mile-tem… Sean Turner
- Re: [mile] early AD-review of draft-ietf-mile-tem… Brian Trammell
- Re: [mile] early AD-review of draft-ietf-mile-tem… Sean Trner
- Re: [mile] early AD-review of draft-ietf-mile-tem… kathleen.moriarty