Re: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 22 May 2017 16:24 UTC
Return-Path: <pkampana@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B35812EB23 for <mile@ietfa.amsl.com>; Mon, 22 May 2017 09:24:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l12XATjWAf-A for <mile@ietfa.amsl.com>; Mon, 22 May 2017 09:24:18 -0700 (PDT)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82D8212EB22 for <mile@ietf.org>; Mon, 22 May 2017 09:24:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2603; q=dns/txt; s=iport; t=1495470258; x=1496679858; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=rC/aHYdS3ruiAqMokCiszhfs8ztFQn1HRLENnyejZJM=; b=Zd81rOuR1lo5ysjNT090+xXfhS3enzboyRe7uYOHL2iZe0nlAPqO+cW4 uwsVYp2rX/d1bERM+AKUeWqdZcUH1l1q1oMkMWxaUEEJqE4P5e3hYZSjx FSEPHcnUgYmQFvOLPMouZO6vMsNyr9MjDHrnCUQjx55WCW/tgkveyVulC 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CYAACWDyNZ/40NJK1dGQEBAQEBAQEBAQEBBwEBAQEBg1VigQwHjgCRdJV2gg8hC4V4AoUuPxgBAgEBAQEBAQFrKIUYAQEBAQMBATg0CwwEAgEIEQQBAR8JBycLFAkIAgQBDQUIihwOsQGLMAEBAQEBAQEBAQEBAQEBAQEBAQEBAR2GX4FegxuDIYc0BZ4WAYcci3mCDlWEZ4ovlEcBHziBCnEVHCqGdnaIHYENAQEB
X-IronPort-AV: E=Sophos;i="5.38,377,1491264000"; d="scan'208";a="426965187"
Received: from alln-core-8.cisco.com ([173.36.13.141]) by alln-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 22 May 2017 16:24:17 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by alln-core-8.cisco.com (8.14.5/8.14.5) with ESMTP id v4MGOHrc004723 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 22 May 2017 16:24:17 GMT
Received: from xch-aln-010.cisco.com (173.36.7.20) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 22 May 2017 11:24:16 -0500
Received: from xch-aln-010.cisco.com ([173.36.7.20]) by XCH-ALN-010.cisco.com ([173.36.7.20]) with mapi id 15.00.1210.000; Mon, 22 May 2017 11:24:17 -0500
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, Takeshi Takahashi <takeshi_takahashi@nict.go.jp>
CC: "mile@ietf.org" <mile@ietf.org>
Thread-Topic: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt
Thread-Index: AQHS0xbsJ4uXqpsDSkeVJf8XEvB2oaIAiFIA
Date: Mon, 22 May 2017 16:24:16 +0000
Message-ID: <31873030dd764236ace2d5eff92b5b78@XCH-ALN-010.cisco.com>
References: <149546982360.22141.8822534408920138135@ietfa.amsl.com>
In-Reply-To: <149546982360.22141.8822534408920138135@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.150.35.103]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/pd7PllpuWIR9fIzEg2xpoi4kVNI>
Subject: Re: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 May 2017 16:24:20 -0000
Hi Nancy and Take-san, This submission addresses all feedback we received while in the WGLC . Let us know if there is anything else we should address on our end. Thank you, Panos -----Original Message----- From: mile [mailto:mile-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org Sent: Monday, May 22, 2017 12:17 PM To: i-d-announce@ietf.org Cc: mile@ietf.org Subject: [mile] I-D Action: draft-ietf-mile-iodef-guidance-10.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Managed Incident Lightweight Exchange of the IETF. Title : IODEF Usage Guidance Authors : Panos Kampanakis Mio Suzuki Filename : draft-ietf-mile-iodef-guidance-10.txt Pages : 34 Date : 2017-05-22 Abstract: The Incident Object Description Exchange Format v2 [RFC7970] defines a data representation that provides a framework for sharing information commonly exchanged by Computer Security Incident Response Teams (CSIRTs) about computer security incidents. Since the IODEF model includes a wealth of available options that can be used to describe a security incident or issue, it can be challenging for security practitioners to develop tools that can leverage IODEF for incident sharing. This document provides guidelines for IODEF implementers. It also addresses how common security indicators can be represented in IODEF and use-cases of how IODEF is being used. This document aims to make IODEF's adoption by vendors easier and encourage faster and wider adoption of the model by Computer Security Incident Response Teams (CSIRTs) around the world. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-mile-iodef-guidance/ There are also htmlized versions available at: https://tools.ietf.org/html/draft-ietf-mile-iodef-guidance-10 https://datatracker.ietf.org/doc/html/draft-ietf-mile-iodef-guidance-10 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-mile-iodef-guidance-10 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ mile mailing list mile@ietf.org https://www.ietf.org/mailman/listinfo/mile
- [mile] I-D Action: draft-ietf-mile-iodef-guidance… internet-drafts
- Re: [mile] I-D Action: draft-ietf-mile-iodef-guid… Panos Kampanakis (pkampana)
- Re: [mile] I-D Action: draft-ietf-mile-iodef-guid… Charles Eckel (eckelcu)
- Re: [mile] I-D Action: draft-ietf-mile-iodef-guid… Panos Kampanakis (pkampana)