[rfc-dist] RFC 8274 on Incident Object Description Exchange Format Usage Guidance
rfc-editor@rfc-editor.org Mon, 20 November 2017 20:40 UTC
Return-Path: <rfc-dist-bounces@rfc-editor.org>
X-Original-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Delivered-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5445A12EAB0 for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Mon, 20 Nov 2017 12:40:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bK_aNOJbfGau for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Mon, 20 Nov 2017 12:40:23 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DA72120713 for <rfc-dist-archive-yuw6Xa6hiena@ietf.org>; Mon, 20 Nov 2017 12:40:23 -0800 (PST)
Received: from rfcpa.amsl.com (localhost [IPv6:::1]) by rfc-editor.org (Postfix) with ESMTP id DA409B81AF8; Mon, 20 Nov 2017 12:40:19 -0800 (PST)
X-Original-To: rfc-dist@rfc-editor.org
Delivered-To: rfc-dist@rfc-editor.org
Received: by rfc-editor.org (Postfix, from userid 30) id 359C8B81AF4; Mon, 20 Nov 2017 12:40:18 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Message-Id: <20171120204018.359C8B81AF4@rfc-editor.org>
Date: Mon, 20 Nov 2017 12:40:18 -0800
Subject: [rfc-dist] RFC 8274 on Incident Object Description Exchange Format Usage Guidance
X-BeenThere: rfc-dist@rfc-editor.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: RFC Announcements <rfc-dist.rfc-editor.org>
List-Unsubscribe: <https://www.rfc-editor.org/mailman/options/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <http://www.rfc-editor.org/pipermail/rfc-dist/>
List-Post: <mailto:rfc-dist@rfc-editor.org>
List-Help: <mailto:rfc-dist-request@rfc-editor.org?subject=help>
List-Subscribe: <https://www.rfc-editor.org/mailman/listinfo/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=subscribe>
Cc: mile@ietf.org, drafts-update-ref@iana.org, rfc-editor@rfc-editor.org
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: rfc-dist-bounces@rfc-editor.org
Sender: rfc-dist <rfc-dist-bounces@rfc-editor.org>
A new Request for Comments is now available in online RFC libraries. RFC 8274 Title: Incident Object Description Exchange Format Usage Guidance Author: P. Kampanakis, M. Suzuki Status: Informational Stream: IETF Date: November 2017 Mailbox: pkampana@cisco.com, mio@nict.go.jp Pages: 33 Characters: 67602 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-mile-iodef-guidance-11.txt URL: https://www.rfc-editor.org/info/rfc8274 DOI: 10.17487/RFC8274 The Incident Object Description Exchange Format (IODEF) v2 (RFC7970) defines a data representation that provides a framework for sharing information about computer security incidents commonly exchanged by Computer Security Incident Response Teams (CSIRTs) . Since the IODEF model includes a wealth of available options that can be used to describe a security incident or issue, it can be challenging for security practitioners to develop tools that leverage IODEF for incident sharing. This document provides guidelines for IODEF implementers. It addresses how common security indicators can be represented in IODEF and use-cases of how IODEF is being used. This document aims to make IODEF's adoption by vendors easier and encourage faster and wider adoption of the model by CSIRTs around the world. This document is a product of the Managed Incident Lightweight Exchange Working Group of the IETF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC _______________________________________________ rfc-dist mailing list rfc-dist@rfc-editor.org https://www.rfc-editor.org/mailman/listinfo/rfc-dist http://www.rfc-editor.org