[secdir] Secdir review of draft-ietf-mile-sci
Paul Hoffman <paul.hoffman@vpnc.org> Sun, 13 October 2013 23:59 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 01B8021F9D1B for <secdir@ietfa.amsl.com>; Sun, 13 Oct 2013 16:59:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RWxM4Dba8bCN for <secdir@ietfa.amsl.com>; Sun, 13 Oct 2013 16:59:31 -0700 (PDT)
Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id DFD6021F9AA8 for <secdir@ietf.org>; Sun, 13 Oct 2013 16:59:21 -0700 (PDT)
Received: from [10.20.30.90] (50-0-66-41.dsl.dynamic.sonic.net [50.0.66.41]) (authenticated bits=0) by hoffman.proper.com (8.14.7/8.14.7) with ESMTP id r9DNxKIg018160 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for <secdir@ietf.org>; Sun, 13 Oct 2013 16:59:21 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host 50-0-66-41.dsl.dynamic.sonic.net [50.0.66.41] claimed to be [10.20.30.90]
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <F9D4F762-F340-4212-BEA2-AC9BDB5F2221@vpnc.org>
Date: Sun, 13 Oct 2013 16:59:20 -0700
To: secdir <secdir@ietf.org>
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
X-Mailer: Apple Mail (2.1510)
Subject: [secdir] Secdir review of draft-ietf-mile-sci
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Oct 2013 23:59:32 -0000
draft-ietf-mile-sci, "IODEF-extension for structured cybersecurity information", describes extensions to the IODEF format to describe "cybersecurity information" such as types of attacks, vulnerabilities, and so on. This extension allows systems exchanging IODEF information to use a more standardized way to describe these specific types of information in XML. The security considerations section basically says "when you transport sensitive cybersecurity information, do so carefully" which is probably sufficient because there are already standardized ways of securely transporting IODEF items, particularly RID. Nothing in this document warrants more security than what is already being transported in IODEF messages today. --Paul Hoffman
- [secdir] Secdir review of draft-ietf-mile-sci Paul Hoffman