Re: [secdir] EU Cyber Security Strategy.

"Moriarty, Kathleen" <> Wed, 30 January 2013 22:03 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id AF31821F877B; Wed, 30 Jan 2013 14:03:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.025
X-Spam-Status: No, score=-2.025 tagged_above=-999 required=5 tests=[AWL=0.573, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id eNgW9OMhVjCt; Wed, 30 Jan 2013 14:03:36 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id A242721F877A; Wed, 30 Jan 2013 14:03:35 -0800 (PST)
Received: from ( []) by (Switch-3.4.3/Switch-3.4.3) with ESMTP id r0UM3XFu007085 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 30 Jan 2013 17:03:34 -0500
Received: from ( []) by (RSA Interceptor); Wed, 30 Jan 2013 17:03:14 -0500
Received: from ( []) by (Switch-3.4.3/Switch-3.4.3) with ESMTP id r0UM3Bfk007353; Wed, 30 Jan 2013 17:03:12 -0500
Received: from ([]) by ([]) with mapi; Wed, 30 Jan 2013 17:03:11 -0500
From: "Moriarty, Kathleen" <>
To: Olaf Kolkman <>, "" <>
Date: Wed, 30 Jan 2013 17:03:10 -0500
Thread-Topic: [secdir] EU Cyber Security Strategy.
Thread-Index: Ac39Vcq0A1u5Kb98QIG93zkkljDXsQB3sdog
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_F5063677821E3B4F81ACFB7905573F24CE9E25B2MX15Acorpemccom_"
MIME-Version: 1.0
Cc: IAB IAB <>, Hannes Tschofenig <>
Subject: Re: [secdir] EU Cyber Security Strategy.
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 30 Jan 2013 22:03:36 -0000

Thank you for sending out the information.  The IETF working group called Managed incident Lightweight Exchange (MILE) has standards that can be used and referenced in this space.  We are just about to begin work on revising RFC5070 to update the data model to meet current use cases.  It would be great to have their input to ensure their use cases are met as a number of vendors are interested in using international standards to enable information sharing.

If they need to reference ISO or ITU-T standards, there are actually ITU-T Recommendations that point to several of the key RFCs:
x.1540  is reference to RFC5070
x.1580 is a reference to RFC6545
x.1581 is a reference to  RFC6546

I am involved in several efforts using the standards and am happy to help with more information or connection points that are possible now or in the future.

Best regards,

From: [] On Behalf Of Olaf Kolkman
Sent: Monday, January 28, 2013 7:42 AM
Cc: IAB IAB; Hannes Tschofenig
Subject: [secdir] EU Cyber Security Strategy.


This mail is FYI, it may be of business/personal interest to some of you.
I have a specific question.

Context: MSP for ICT St.

You may or may not be aware that the EU has a Multi Stakeholder Platform for ICT standardization. One of the stakeholders at the table is the IETF/IAB and your truly is, with Hannes Tschofenig as backup, the representative for the IETF/IAB.

The platform is chartered to give the Commission advise on all matters standard and to identify standards, developed by fora and consortia, that can be used in public procurement (formally RFCs can not be reference in EU procurement: when these folk talk about standards they think ISO, ITU, ETSI etc etc.)

Specific: EU Cyber Sec Strat.

What is attached is part on the advise on all matters standard aspect. The document gives a short executive level overview of what the EU intends with its cyber security strategy. The document is FYI mainly.

However I have one particular bit of information that I need. See the section on "Where do standards come in". I do not think there is any relevant IETF work in this area (info exchange and such) and would like to get guidance if that is a misunderstanding.

The platform is having its 3rd meeting 7 Feb.