Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bis-16.txt
Alexey Melnikov <alexey.melnikov@isode.com> Sun, 07 February 2016 18:25 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 53A001A046D for <mile@ietfa.amsl.com>; Sun, 7 Feb 2016 10:25:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 3.196
X-Spam-Level: ***
X-Spam-Status: No, score=3.196 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FRT_STOCK2=3.988, J_CHICKENPOX_26=0.6, J_CHICKENPOX_34=0.6, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jbVJD5jmgUhv for <mile@ietfa.amsl.com>; Sun, 7 Feb 2016 10:25:26 -0800 (PST)
Received: from statler.isode.com (Statler.isode.com [62.232.206.189]) by ietfa.amsl.com (Postfix) with ESMTP id 653A61A0469 for <mile@ietf.org>; Sun, 7 Feb 2016 10:25:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1454869525; d=isode.com; s=selector; i=@isode.com; bh=UC0dEJJ0DuAOc3Shda0b6TO1QroxBQ95YVYTLSWKZVQ=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=c4LqaWH90yujYdodJWE4AeyvDJUrobNiUFA/38amJdYWFq2q3IXsYkdECM7jJT9dH6eE75 5Sv0BLCfqhGEJSn1YU2GqeyAhvZgt7XotWilyZ1601lACGWFx0vkAEf47JgwqHoTni4Ib4 /cyN4DU10lkXvhrH75j0kaDpD84SRb8=;
Received: from [192.168.0.6] (cpc5-nmal20-2-0-cust24.19-2.cable.virginm.net [92.234.84.25]) by statler.isode.com (submission channel) via TCP with ESMTPSA id <VreMFABBx6=8@statler.isode.com>; Sun, 7 Feb 2016 18:25:25 +0000
X-SMTP-Protocol-Errors: PIPELINING
From: Alexey Melnikov <alexey.melnikov@isode.com>
X-Mailer: iPad Mail (13D15)
In-Reply-To: <359EC4B99E040048A7131E0F4E113AFCD969F185@marathon>
Date: Sun, 07 Feb 2016 18:29:49 +0000
Message-Id: <DBCB2C3E-1AF3-44EB-BBF5-A3B0A46CAF96@isode.com>
References: <20160201220552.16506.51013.idtracker@ietfa.amsl.com> <359EC4B99E040048A7131E0F4E113AFCD969F185@marathon>
To: "Roman D. Danyliw" <rdd@cert.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/mile/yvkHQlsSYR9plpbyROFEeftvrf4>
Cc: "mile@ietf.org" <mile@ietf.org>
Subject: Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bis-16.txt
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Feb 2016 18:25:28 -0000
Roman, Are there any outstanding issue? All, Can you check that issues you've raised (or changes in general) are to your satisfaction? Best Regards, Alexey > On 2 Feb 2016, at 02:44, Roman D. Danyliw <rdd@cert.org> wrote: > > The changelog for this draft is as follows: > > ** (schema) added XML declaration at the top of the schema > ** (text) Improve write-up of @translation-id (Section 2.4) > ** (text) Added the EXTENSION type (iodef:ExtensionType) and reference it for AdditionalData , RecordItem, FileProperties > (Section 2.16) > ** (schema) Added ExtensionType@name attribute to name the field (Section 2.16) > ** (schema) Made iodef:SoftwareType be a formal UML type, SOFTWARE. Reference it for Application, Operating System and > AssociatedSoftware (Section 2.17) > ** (text) Defined 0:1 cardinality of IndicatorData in Incident consistent with schema (Section 3.2) > ** (text) Fixed type of Incident@observable-id in diagram (Section 3.2) > ** (schema) Made @restriction optional in the schema per the text (Section 3.3.1) > ** (schema) Redefined PostalAddress, Email, Telephone and Fax for improved internationalization (Section 3.10.2-4) > ** (text) Removed Section 2.12, Person or Organization (PERSON data type) as it was not used > ** (text) Removed Section 3.11 that described the time classes (Section 3.11) > ** (text) Clarify IntendedImpact (Section 3.14) > ** (schema) Consistent cardinality in child classes of RelatedActivity (Section 3.6) > ** (schema) Define ThreatActor/{ThreatActorID,Description} as O:M consistently in text, diagram and schema (Section 3.7) > ** (schema) Define Campaign/{CampaignID,Description} as 0:M consistently in text, diagram and schema (Section 3.8) > ** (schema) Added @ext-dtype to ExtensionType missing from the schema but in the text > ** (schema) Added AdditionalData@observable-id attribute (Section 3.9) > ** (schema) Redefined SystemImpact, BusinessImpact, IntendedImpact and NodeRole to have a child Description class instead of > extending iodef:MLStringType per https://mailarchive.ietf.org/arch/msg/mile/ZFL57YU1nYr2vSobRHd1a-OohJQ (Section 3.13) > ** (text) Use Reference as the field name in the description of Method (Section 3.13) > ** (text) Fixed formatting of Reference class (Section 3.13.1) > ** (text) Use enum:ReferenceName as the field name in the description of Reference (Section 3.13.1) > ** (schema) {SystemImpact, BusinessImpact}@type is required with a default of 'unknown' per the text (Section 3.14.1 and > Section 3.14.2) > ** (schema) SystemImpact@{severity,completion} optional per the text (Section 3.14.1) > ** (schema) Removed SystemImpact@type="admin" from schema (Section 3.14.1) > ** (schema) Added TimeImpact@{ext-metric,ext-duration} to schema per the text (Section 3.14.3) > ** (text) Corrected field names in the TimeImpact diagram (Section 3.14.3) > ** (schema) Define Confidence as an extension of iodef:PositiveFloatType per the text (Section 3.14.5) > ** (schema) Removed inline SystemImpact@completion definition > ** (schema) Set System/Node to be 1:1 per the text (Section 3.19) > ** (schema) Redefined RelatedDNS to be of type EXTENSION (Section 3.20) (Issue #39) > ** (schema) Define Counter to be "xs:float" to be consistent with REAL from UML (Section 3.20) > ** (schema) Added Counter@ext-unit missing from the schema but in the text (Section 3.20.3) > ** (text) Added missing STRING definition of Address in the class diagram (Section 3.20.1) > ** (text) Removed Node/DateTime from the Node diagram (Section 3.20) > ** (schema) Removed Node/NodeRole from the schema per the text (Section 3.20) > ** (text) Updated diagram of Address to reflect base type (Section 3.20.1) > ** (schema) Make Address@category="ipv6-addr" the default (Section 3.20.1) > ** (text) Consistent use of "Zero or more" and "One or more" to describe cardinality > ** (schema) Removed yes-no-type from schema as it was not used > ** (text) Renamed NodeRole@category="c2" to "c2-server" to make the text consistent with the schema (Section 3.20.2) > ** (text) Added translation-id and/or xml:lang to diagrams/text where ML_STRING is used (Section 3.20.2) > ** (text) Require that Nameserver/Address@category={"ipv4-addr" or "ipv6-addr"} (Section 3.21.2) > ** (schema) Redefined ApplicationHeader to use iodef:ExtensionType and use the protocol information from a parent Service > class (Section 3.21.2) > ** (schema) Redefined EmailHeaderField to use iodef:ExtensionType (section 3.23) > ** (text) Clarify cardinality of the classes in Assessment (Section 3.14) > ** (text) Added reference to EMAIL data type in definition of EmailFrom (Section 3.24) > ** (schema) Added EmailData/EmailTo (Section 3.24) > ** (schema) Changed EmailTo, EmailFrom, EmailSubject and EmailX-Mailer to be xs:string (Section 3.24) > ** (schema) Reference SignatureData and AssociatedSoftware in File per the text (Section 3.27.1) > ** (schema) Added Indicator/AdditionalData per the text (Section 3.31) > ** (schema) Added Indicator/{NodeRole, AttackPhase} (Section 3.31) > ** (text) Consistent definitions of xml:lang in the text > ** (text) Updated description of all ext-* attributes that doesn't include the use of the phrase "escape value" > ** (text) Simplified Section 4.3, Validation, by removing the list of parsing considerations > ** (text) Ensure all classes that are of defined types (e.g., STRING) reference their data type > ** (text) Consistent use of cross references for sub-classes when defining the parent class > ** (text) Consistent introduction of the attribute count in the description of a class > ** (text) Consistent introduction of the sub-classes in the description of a class > ** (text) Consistent documentation of classes that do not have child classes > ** (text) Consistent depiction of class diagrams > ** (text) Reference the element content of ML_STRING derived classes as STRING > ** (schema) Define File/Application as "iodef:Application" (not a nested definition of type="iodef:SoftwareType") > ** (schema) Consistent order of recurring attributes (e.g., restriction, observable-id) in all classes > ** (text) Removed Paul Stoecker as editor per Chair direction > ** (text) reformatted schema to have consistent spacing (Issue #54) > >> -----Original Message----- >> From: mile [mailto:mile-bounces@ietf.org] On Behalf Of internet- >> drafts@ietf.org >> Sent: Monday, February 1, 2016 5:06 PM >> To: i-d-announce@ietf.org >> Cc: mile@ietf.org >> Subject: [mile] I-D Action: draft-ietf-mile-rfc5070-bis-16.txt >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts directories. >> This draft is a work item of the Managed Incident Lightweight Exchange >> Working Group of the IETF. >> >> Title : The Incident Object Description Exchange Format v2 >> Author : Roman Danyliw >> Filename : draft-ietf-mile-rfc5070-bis-16.txt >> Pages : 163 >> Date : 2016-02-01 >> >> Abstract: >> The Incident Object Description Exchange Format (IODEF) defines a >> data representation for sharing information commonly exchanged by >> Computer Security Incident Response Teams (CSIRTs) about computer >> security incidents. This document describes the information model >> for the IODEF and provides an associated data model specified with >> XML Schema. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-mile-rfc5070-bis/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-mile-rfc5070-bis-16 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-ietf-mile-rfc5070-bis-16 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> mile mailing list >> mile@ietf.org >> https://www.ietf.org/mailman/listinfo/mile > > _______________________________________________ > mile mailing list > mile@ietf.org > https://www.ietf.org/mailman/listinfo/mile
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Alexey Melnikov
- [mile] I-D Action: draft-ietf-mile-rfc5070-bis-16… internet-drafts
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Roman D. Danyliw
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Alexey Melnikov
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Takeshi Takahashi
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Roman D. Danyliw
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Roman D. Danyliw
- Re: [mile] I-D Action: draft-ietf-mile-rfc5070-bi… Alexey Melnikov