Re: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 22 May 2017 16:24 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B35812EB23 for <mile@ietfa.amsl.com>; Mon, 22 May 2017 09:24:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l12XATjWAf-A for <mile@ietfa.amsl.com>; Mon, 22 May 2017 09:24:18 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82D8212EB22 for <mile@ietf.org>; Mon, 22 May 2017 09:24:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2603; q=dns/txt; s=iport; t=1495470258; x=1496679858; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=rC/aHYdS3ruiAqMokCiszhfs8ztFQn1HRLENnyejZJM=; b=Zd81rOuR1lo5ysjNT090+xXfhS3enzboyRe7uYOHL2iZe0nlAPqO+cW4 uwsVYp2rX/d1bERM+AKUeWqdZcUH1l1q1oMkMWxaUEEJqE4P5e3hYZSjx FSEPHcnUgYmQFvOLPMouZO6vMsNyr9MjDHrnCUQjx55WCW/tgkveyVulC 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CYAACWDyNZ/40NJK1dGQEBAQEBAQEBAQEBBwEBAQEBg1VigQwHjgCRdJV2gg8hC4V4AoUuPxgBAgEBAQEBAQFrKIUYAQEBAQMBATg0CwwEAgEIEQQBAR8JBycLFAkIAgQBDQUIihwOsQGLMAEBAQEBAQEBAQEBAQEBAQEBAQEBAR2GX4FegxuDIYc0BZ4WAYcci3mCDlWEZ4ovlEcBHziBCnEVHCqGdnaIHYENAQEB
X-IronPort-AV: E=Sophos;i="5.38,377,1491264000"; d="scan'208";a="426965187"
Received: from alln-core-8.cisco.com ([173.36.13.141]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 22 May 2017 16:24:17 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by alln-core-8.cisco.com (8.14.5/8.14.5) with ESMTP id v4MGOHrc004723 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 22 May 2017 16:24:17 GMT
Received: from xch-aln-010.cisco.com (173.36.7.20) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 22 May 2017 11:24:16 -0500
Received: from xch-aln-010.cisco.com ([173.36.7.20]) by XCH-ALN-010.cisco.com ([173.36.7.20]) with mapi id 15.00.1210.000; Mon, 22 May 2017 11:24:17 -0500
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, Takeshi Takahashi <takeshi_takahashi@nict.go.jp>
CC: "mile@ietf.org" <mile@ietf.org>
Thread-Topic: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt
Thread-Index: AQHS0xbsJ4uXqpsDSkeVJf8XEvB2oaIAiFIA
Date: Mon, 22 May 2017 16:24:16 +0000
Message-ID: <31873030dd764236ace2d5eff92b5b78@XCH-ALN-010.cisco.com>
References: <149546982360.22141.8822534408920138135@ietfa.amsl.com>
In-Reply-To: <149546982360.22141.8822534408920138135@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.150.35.103]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/pd7PllpuWIR9fIzEg2xpoi4kVNI>
Subject: Re: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 May 2017 16:24:20 -0000

Hi Nancy and Take-san,
This submission addresses all feedback we received while in the WGLC . 
Let us know if there is anything else we should address on our end. 
Thank you,
Panos



-----Original Message-----
From: mile [mailto:mile-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
Sent: Monday, May 22, 2017 12:17 PM
To: i-d-announce@ietf.org
Cc: mile@ietf.org
Subject: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Managed Incident Lightweight Exchange of the IETF.

        Title           : IODEF Usage Guidance
        Authors         : Panos Kampanakis
                          Mio Suzuki
	Filename        : draft-ietf-mile-iodef-guidance-10.txt
	Pages           : 34
	Date            : 2017-05-22

Abstract:
   The Incident Object Description Exchange Format v2 [RFC7970] defines
   a data representation that provides a framework for sharing
   information commonly exchanged by Computer Security Incident Response
   Teams (CSIRTs) about computer security incidents.  Since the IODEF
   model includes a wealth of available options that can be used to
   describe a security incident or issue, it can be challenging for
   security practitioners to develop tools that can leverage IODEF for
   incident sharing.  This document provides guidelines for IODEF
   implementers.  It also addresses how common security indicators can
   be represented in IODEF and use-cases of how IODEF is being used.
   This document aims to make IODEF's adoption by vendors easier and
   encourage faster and wider adoption of the model by Computer Security
   Incident Response Teams (CSIRTs) around the world.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-mile-iodef-guidance/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-mile-iodef-guidance-10
https://datatracker.ietf.org/doc/html/draft-ietf-mile-iodef-guidance-10

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-mile-iodef-guidance-10


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
mile mailing list
mile@ietf.org
https://www.ietf.org/mailman/listinfo/mile