[OPSEC] Document Action: 'Indicators of Compromise (IoCs) and Their Role in Attack Defence' to Informational RFC (draft-ietf-opsec-indicators-of-compromise-04.txt)
The IESG <iesg-secretary@ietf.org> Fri, 03 February 2023 19:17 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/jK1Ncxx9Tc35eVlzac0RY9mEhmM>

The IESG has approved the following document:
- 'Indicators of Compromise (IoCs) and Their Role in Attack Defence'
  (draft-ietf-opsec-indicators-of-compromise-04.txt) as Informational RFC

This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group.

The IESG contact persons are Warren Kumari and Robert Wilton.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-opsec-indicators-of-compromise/

Technical Summary

This draft reviews the fundamentals, opportunities, operational limitations, and best practices of Indicators of Compromise (IoC use). It highlights the need for IoCs to be detectable in implementations of Internet protocols, tools, and technologies - both for the IoCs' initial discovery and their use in detection - and provides a foundation for new approaches to operational challenges in network security.

Working Group Summary

There was no notable controversy - the document is a "tutorial/background/educational" type document, and this limits the controversy some.

Document Quality

The document is very readable - it provides useful and important OPSEC background.

Personnel

Jen Linkova is DS
Warren Kumari is RAD!!!!