[mile] [Technical Errata Reported] RFC7970 (6170)
RFC Errata System <rfc-editor@rfc-editor.org> Mon, 11 May 2020 20:47 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C77C3A0CE1 for <mile@ietfa.amsl.com>; Mon, 11 May 2020 13:47:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.807
X-Spam-Level:
X-Spam-Status: No, score=-1.807 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, CTE_8BIT_MISMATCH=0.093, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZcmiuU4muIsn for <mile@ietfa.amsl.com>; Mon, 11 May 2020 13:47:10 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE78F3A0958 for <mile@ietf.org>; Mon, 11 May 2020 13:47:09 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id C82D6F406F2; Mon, 11 May 2020 13:46:55 -0700 (PDT)
To: rdd@cert.org, rdd@cert.org, kaduk@mit.edu, ncamwing@cisco.com, takeshi_takahashi@nict.go.jp
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: fpoirotte@gmail.com, mile@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20200511204655.C82D6F406F2@rfc-editor.org>
Date: Mon, 11 May 2020 13:46:55 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/r_eeAX38k29IGeL1Ig9hxC1mRGc>
Subject: [mile] [Technical Errata Reported] RFC7970 (6170)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 May 2020 20:47:12 -0000
The following errata report has been submitted for RFC7970, "The Incident Object Description Exchange Format Version 2". -------------------------------------- You may review the report below and at: https://www.rfc-editor.org/errata/eid6170 -------------------------------------- Type: Technical Reported by: François Poirotte <fpoirotte@gmail.com> Section: 3.29.3.1 Original Text ------------- The attributes of the BulkObservable class are: type Optional. ENUM. The type of the observable listed in the child ObservableList class. These values are maintained in the "BulkObservable-type" IANA registry per Section 10.2. 1. asn. Autonomous System Number (per the Address@category attribute). 2. atm. Asynchronous Transfer Mode (ATM) address (per the Address@category attribute). 3. e-mail. Email address (per the Address@category attribute). 4. ipv4-addr. IPv4 host address in dotted-decimal notation, e.g., 192.0.2.1 (per the Address@category attribute). 5. ipv4-net. IPv4 network address in dotted-decimal notation, slash, significant bits, e.g., 192.0.2.0/24 (per the Address@category attribute). 6. ipv4-net-mask. IPv4 network address in dotted-decimal notation, slash, network mask in dotted-decimal notation, i.e., 192.0.2.0/255.255.255.0 (per the Address@category attribute). 7. ipv6-addr. IPv6 host address, e.g., 2001:DB8::3 (per the Address@category attribute). 8. ipv6-net. IPv6 network address, slash, significant bits, e.g., 2001:DB8::/32 (per the Address@category attribute). 9. ipv6-net-mask. IPv6 network address, slash, network mask (per the Address@category attribute). 10. mac. Media Access Control (MAC) address, i.e., a:b:c:d:e:f (per the Address@category attribute). 11. site-uri. A URL or URI for a resource (per the Address@category attribute). 12. domain-name. A fully qualified domain name or part of a name (e.g., fqdn.example.com, example.com). 13. domain-to-ipv4. A mapping of FQDN to IPv4 address specified as a comma-separated list (e.g., "fqdn.example.com, 192.0.2.1"). 14. domain-to-ipv6. A mapping of FQDN to IPv6 address specified as a comma-separated list (e.g., "fqdn.example.com, 2001:DB8::3"). 15. domain-to-ipv4-timestamp. Same as domain-to-ipv4 but with a timestamp (in the DATETIME format) of the resolution (e.g., "fqdn.example.com, 192.0.2.1, 2015-06-11T00:38:31-06:00"). 16. domain-to-ipv6-timestamp. Same as domain-to-ipv6 but with a timestamp (in the DATETIME format) of the resolution (e.g., "fqdn.example.com, 2001:DB8::3, 2015-06-11T00:38:31-06:00"). 17. ipv4-port. An IPv4 address, port, and protocol tuple (e.g., 192.0.2.1, 80, TCP). The protocol name corresponds to the "Keyword" column in the "Assigned Internet Protocol Numbers" registry [IANA.Protocols]. 18. ipv6-port. An IPv6 address, port, and protocol tuple (e.g., 2001:DB8::3, 80, TCP). The protocol name corresponds to the "Keyword" column in the "Assigned Internet Protocol Numbers" registry [IANA.Protocols]. 19. windows-reg-key. A Microsoft Windows registry key. 20. file-hash. A file hash. The format of this hash is described in the Hash class that MUST be present in a sibling BulkObservableFormat class. Corrected Text -------------- The attributes of the BulkObservable class are: type Optional. ENUM. The type of the observable listed in the child ObservableList class. These values are maintained in the "BulkObservable-type" IANA registry per Section 10.2. 1. asn. Autonomous System Number (per the Address@category attribute). 2. atm. Asynchronous Transfer Mode (ATM) address (per the Address@category attribute). 3. e-mail. Email address (per the Address@category attribute). 4. ipv4-addr. IPv4 host address in dotted-decimal notation, e.g., 192.0.2.1 (per the Address@category attribute). 5. ipv4-net. IPv4 network address in dotted-decimal notation, slash, significant bits, e.g., 192.0.2.0/24 (per the Address@category attribute). 6. ipv4-net-mask. IPv4 network address in dotted-decimal notation, slash, network mask in dotted-decimal notation, i.e., 192.0.2.0/255.255.255.0 (per the Address@category attribute). 7. ipv6-addr. IPv6 host address, e.g., 2001:DB8::3 (per the Address@category attribute). 8. ipv6-net. IPv6 network address, slash, significant bits, e.g., 2001:DB8::/32 (per the Address@category attribute). 9. ipv6-net-mask. IPv6 network address, slash, network mask (per the Address@category attribute). 10. mac. Media Access Control (MAC) address, i.e., a:b:c:d:e:f (per the Address@category attribute). 11. site-uri. A URL or URI for a resource (per the Address@category attribute). 12. domain-name. A fully qualified domain name or part of a name (e.g., fqdn.example.com, example.com). 13. domain-to-ipv4. A mapping of FQDN to IPv4 address specified as a comma-separated list (e.g., "fqdn.example.com, 192.0.2.1"). 14. domain-to-ipv6. A mapping of FQDN to IPv6 address specified as a comma-separated list (e.g., "fqdn.example.com, 2001:DB8::3"). 15. domain-to-ipv4-timestamp. Same as domain-to-ipv4 but with a timestamp (in the DATETIME format) of the resolution (e.g., "fqdn.example.com, 192.0.2.1, 2015-06-11T00:38:31-06:00"). 16. domain-to-ipv6-timestamp. Same as domain-to-ipv6 but with a timestamp (in the DATETIME format) of the resolution (e.g., "fqdn.example.com, 2001:DB8::3, 2015-06-11T00:38:31-06:00"). 17. ipv4-port. An IPv4 address, port, and protocol tuple (e.g., 192.0.2.1, 80, TCP). The protocol name corresponds to the "Keyword" column in the "Assigned Internet Protocol Numbers" registry [IANA.Protocols]. 18. ipv6-port. An IPv6 address, port, and protocol tuple (e.g., 2001:DB8::3, 80, TCP). The protocol name corresponds to the "Keyword" column in the "Assigned Internet Protocol Numbers" registry [IANA.Protocols]. 19. windows-reg-key. A Microsoft Windows registry key. 20. file-hash. A file hash. The format of this hash is described in the Hash class that MUST be present in the child BulkObservableFormat class. Notes ----- The description for the "file-hash" type implies that the BulkObservableFormat class (3.29.3.1.1) is a sibling of the BulkObservable class (section 3.29.3.1). This is simply not the case: * BulkObservable only appears as an aggregate class of Observable (3.29.3) * BulkObservableFormat is not one of Observable's aggregate classes Since the BulkObservable class actually has an aggregate class named BulkObservableFormat, the intent was probably to just use that child class to define the hash's format. Instructions: ------------- This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7970 (draft-ietf-mile-rfc5070-bis-26) -------------------------------------- Title : The Incident Object Description Exchange Format Version 2 Publication Date : November 2016 Author(s) : R. Danyliw Category : PROPOSED STANDARD Source : Managed Incident Lightweight Exchange Area : Security Stream : IETF Verifying Party : IESG
- [mile] [Technical Errata Reported] RFC7970 (6170) RFC Errata System