[OPSEC] Last Call: <draft-ietf-opsec-indicators-of-compromise-03.txt> (Indicators of Compromise (IoCs) and Their Role in Attack Defence) to Informational RFC
The IESG <iesg-secretary@ietf.org> Fri, 09 December 2022 18:01 UTC
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: draft-ietf-opsec-indicators-of-compromise@ietf.org, furry13@gmail.com, opsec-chairs@ietf.org, opsec@ietf.org, warren@kumari.net
Reply-To: last-call@ietf.org
Sender: iesg-secretary@ietf.org
Message-ID: <167060890676.29154.16938384763245063585@ietfa.amsl.com>
Date: Fri, 09 Dec 2022 10:01:46 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/etlra0zJTKJ95nK_3r8gAxO7UuM>
Subject: [OPSEC] Last Call: <draft-ietf-opsec-indicators-of-compromise-03.txt> (Indicators of Compromise (IoCs) and Their Role in Attack Defence) to Informational RFC

The IESG has received a request from the Operational Security Capabilities for IP Network Infrastructure WG (opsec) to consider the following document:

- 'Indicators of Compromise (IoCs) and Their Role in Attack Defence'
  <draft-ietf-opsec-indicators-of-compromise-03.txt> as Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-call@ietf.org mailing lists by 2022-12-23. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting.

Abstract

   Cyber defenders frequently rely on Indicators of Compromise (IoCs) to identify, trace, and block malicious activity in networks or on endpoints. This draft reviews the fundamentals, opportunities, operational limitations, and best practices of IoC use. It highlights the need for IoCs to be detectable in implementations of Internet protocols, tools, and technologies - both for the IoCs' initial discovery and their use in detection - and provides a foundation for new approaches to operational challenges in network security.

The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-opsec-indicators-of-compromise/

No IPR declarations have been submitted directly on this I-D.