Re: [mile] Feedback for draft-ietf-mile-rolie-vuln-02

"Nelson, Alexander J. (Fed)" <alexander.nelson@nist.gov> Mon, 28 October 2019 19:14 UTC

Return-Path: <alexander.nelson@nist.gov>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBB5F12007A for <mile@ietfa.amsl.com>; Mon, 28 Oct 2019 12:14:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nist.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8XrpUfzFmxQT for <mile@ietfa.amsl.com>; Mon, 28 Oct 2019 12:14:22 -0700 (PDT)
Received: from GCC01-DM2-obe.outbound.protection.outlook.com (mail-eopbgr840092.outbound.protection.outlook.com [40.107.84.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C0D312006D for <mile@ietf.org>; Mon, 28 Oct 2019 12:14:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=di+GxggowhGg9QkM5PDof+1NcJO9Gy8o99U4HOSU/34vvKKU0oY9SHbUj9Rbbj585CGr9VCjDTajH+R/bad89dUMNYqDh8/yyVsZz4SWoejsBiGL8er40/727pKu07iRU3RWJCNduW8PM+ojL6qxf5i6ve9CLpUy0Oz2bb0gT3xeHF3U1sPt0Mp8UjpxLtQpwwNL7YRhL2TFib/QbRjnHCI29OblCdVG8qGo5s/jsR+ZSDHElW7rfzCvFJNYdrLkjvM53ixtg2F+VqIIUnqQBf8oqVG6hmb5QyksPg2dxBJB7Ug6y1izXxjZUF4ORQ3iv1SHAIhyX+00bo9iADksnw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uQk/cgZLVM9WN/LkWgyKYxt5XoZSgDFhdqESh6j5Uuk=; b=ObFSOmWIAvYrw8h3CSKa4qEQ1bosoMW3rT6BI+SNEs4IHIAIL6UmgiIOtYxlfFULQbxHTWtR58RwABpE1qCUXx2EcCScdK/NlFlpQCyOvHhiqBac/PJeWvsYtkkcOhk5mDSgl74IQrDGQmy+3EXB3Ljath+7Fe3/seUxru8NvAMWERQKbeWEhpokK2ehxNkY+TvmK7C2SRHGhTawiYd+eHHBvbJqWObqTWB8xBq2pUqZbN/hvCQck0yqV00EsRJDE+vRIqAFsKUfGFfTOj56btGs+l8RtI6bHl8iOJ5UXophwvdPqTPEBYd5D7bLR8GLBu/XL7UoOf08VLisaeTYew==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uQk/cgZLVM9WN/LkWgyKYxt5XoZSgDFhdqESh6j5Uuk=; b=gSUkg6fsx3OP1mLmJMdDaA65+zK7vwJkMf2JXndgf2Y2upjHjGOPP2VWvUJ0TAgcWUm2w6mBNvrY9+6d4Tb+iibrJb79MkrcMDfXAiaXeGMrRkJkuJ1wjMq7gk3jW2qXPJOlogyAkDJ0lIFh9s2iah4vJL8YntuBLxT2TXspRJM=
Received: from DM6PR09MB3593.namprd09.prod.outlook.com (20.179.50.88) by DM6PR09MB3482.namprd09.prod.outlook.com (20.179.52.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2387.22; Mon, 28 Oct 2019 19:14:20 +0000
Received: from DM6PR09MB3593.namprd09.prod.outlook.com ([fe80::c46:79db:ae3a:e761]) by DM6PR09MB3593.namprd09.prod.outlook.com ([fe80::c46:79db:ae3a:e761%6]) with mapi id 15.20.2387.023; Mon, 28 Oct 2019 19:14:20 +0000
From: "Nelson, Alexander J. (Fed)" <alexander.nelson@nist.gov>
To: "mile@ietf.org" <mile@ietf.org>
Thread-Topic: Feedback for draft-ietf-mile-rolie-vuln-02
Thread-Index: AQHVjcNJEJQcHlADd069MBmZLvbiyKdwbD2A
Date: Mon, 28 Oct 2019 19:14:20 +0000
Message-ID: <83A8B4DD-C684-46C3-A92C-DD6953C0A201@nist.gov>
References: <CBE1C9E2-A603-4FC2-AEF9-B005FFC3CD14@nist.gov>
In-Reply-To: <CBE1C9E2-A603-4FC2-AEF9-B005FFC3CD14@nist.gov>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3445.104.11)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=alexander.nelson@nist.gov;
x-originating-ip: [2610:20:6033:252::ced]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 1608c0d0-2245-4b36-7a4d-08d75bdb094d
x-ms-traffictypediagnostic: DM6PR09MB3482:
x-microsoft-antispam-prvs: <DM6PR09MB3482011329672088CF915652FD660@DM6PR09MB3482.namprd09.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0204F0BDE2
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(39850400004)(396003)(366004)(346002)(376002)(189003)(199004)(53754006)(99286004)(66556008)(86362001)(4744005)(316002)(6916009)(6436002)(33656002)(229853002)(99936001)(5640700003)(305945005)(6246003)(7736002)(6486002)(478600001)(6512007)(66946007)(2351001)(5660300002)(71200400001)(71190400001)(2906002)(36756003)(25786009)(6116002)(66616009)(102836004)(76176011)(53546011)(6506007)(186003)(66476007)(91956017)(76116006)(66446008)(64756008)(2501003)(46003)(1730700003)(50226002)(476003)(8936002)(446003)(81156014)(11346002)(81166006)(486006)(2616005)(8676002)(14454004)(256004); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR09MB3482; H:DM6PR09MB3593.namprd09.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: a9w+6GQO5o3ke6r65kKC7I+tLJdWnbMhnJXpspx3ugekdIFp6gBsJkpKWnKTEElxPzgs2b/hlKkDC10/8CxLweGqmb7rQLdyAdsjie2qW9+xSQn2fQkRx1l6TKIN4nIPHKhERMzxa4WeiAkZC09NU992PvkZpD2HsNP0AjCJ7QCMNNLtnKPNEiov8ZwuORcLgexjqqVPhvQ2ZCpBbp0Ib+oqBJrRb+Ah/u9sv+KQlurxAMhYiJUYunu8QfdFperQlgtlzcmKb+85DJkRJ5xseFqWMKw/bJ6+luC30RIUelHADkdOaUAgInGbxuu6sfgmX7rG5iK+sDxMWo7Mkl5J0IpZ6Yb8LmyRgdLPUibgjoIAF3oSQWeRf93PUN4fUjPwGMtzTZSIJ6sRtCTQbrJHNYNoxyXzahcfMBcc6nI9x5wcqyHIWCicSYZtY++GiTkh
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; boundary="Apple-Mail=_B5A05E02-E007-40DB-965F-6FC6DFDD3F5A"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: 1608c0d0-2245-4b36-7a4d-08d75bdb094d
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Oct 2019 19:14:20.7113 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 88vit++xMVwcxOs9D1W01LoD3fXjTWsLpAhP5OgkCkC0xkgtfhIcd9TGrhJTtLbE
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR09MB3482
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/gucErIF1LtrmLhxe0KGz2oqvep4>
Subject: Re: [mile] Feedback for draft-ietf-mile-rolie-vuln-02
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Oct 2019 19:14:25 -0000

Hello all,

I apologize, I had a typo in my narrative.  I edited document version 02, but Stephen informed me these apply to version 03.

--Alex


> On Oct 28, 2019, at 3:09 PM, Nelson, Alexander J. (Fed) <alexander.nelson@nist.gov> wrote:
> 
> Hello all,
> 
> I was asked to review this document.  From some travel timing, the current version of the document is 03, but Stephen informed me that these still happen to apply to version 03.
> 
> Nits:
> * Section 1, paragraph 4: "...format issue, this work..." - this comma causes [conjoined sentences].
> * Section 4.2, paragraph 1: "...to be considered a 'CVE Entry'..." - is the definition of terms supposed to be done within a deep section like this? (This is more my question on the RFC editorial style. I could see this going in a Section 2.1, "Defined in this document," meant for the "to-export" terms.)
> * Bibliography, [cvexml]: There is a spooky comma floating around.
> 
> Fortunately, that's all. The document otherwise looks straightforward to me.
> 
> --Alex