draft-ietf-mile-rfc5070-bis-18.txt   draft-ietf-mile-rfc5070-bis-19.txt 
MILE Working Group R. Danyliw MILE Working Group R. Danyliw
Internet-Draft CERT Internet-Draft CERT
Obsoletes: 5070 (if approved) March 21, 2016 Obsoletes: 5070 (if approved) April 21, 2016
Intended status: Standards Track Intended status: Standards Track
Expires: September 22, 2016 Expires: October 23, 2016
The Incident Object Description Exchange Format v2 The Incident Object Description Exchange Format v2
draft-ietf-mile-rfc5070-bis-18 draft-ietf-mile-rfc5070-bis-19
Abstract Abstract
The Incident Object Description Exchange Format (IODEF) defines a The Incident Object Description Exchange Format (IODEF) defines a
data representation for security incident reports and cyber data representation for security incident reports and cyber
indicators commonly exchanged by operational security teams for indicators commonly exchanged by operational security teams for
mitigation and watch and warning. This document describes the mitigation and watch and warning. This document describes an updated
information model for the IODEF and provides an associated data model information model for the IODEF and provides an associated data model
specified with XML Schema. specified with XML Schema. This new information and data model
obsoletes [RFC5070].
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 22, 2016. This Internet-Draft will expire on October 23, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 6, line 42 skipping to change at page 6, line 42
A number of considerations were made in the design of the IODEF data A number of considerations were made in the design of the IODEF data
model. model.
o The data model found in this document is an evolution of the one o The data model found in this document is an evolution of the one
previously specified in [RFC5070]. New fields were added to previously specified in [RFC5070]. New fields were added to
represent additional information. [RFC5070] was developed represent additional information. [RFC5070] was developed
primarily to represent incident reports. This document builds primarily to represent incident reports. This document builds
upon it by adding support for cyber indicators and revising it to upon it by adding support for cyber indicators and revising it to
reflect the current challenges faced by CSIRTs. An attempt was reflect the current challenges faced by CSIRTs. An attempt was
made to preserve backward compatibility but this was not possible made to preserve backward compatibility but this was not possible
in all cases. See Section 4.4. in all cases. See Section 4.4. This document obsoletes
[RFC5070].
o The IODEF is a transport format. Therefore, the data model may o The IODEF is a transport format. Therefore, the data model may
not be the optimal archival or in-memory processing format. not be the optimal archival or in-memory processing format.
o The IODEF is intended to be a framework to convey only commonly o The IODEF is intended to be a framework to convey only commonly
exchanged information. It ensures that there are mechanisms for exchanged information. It ensures that there are mechanisms for
extensibility to support organization-specific information and extensibility to support organization-specific information and
techniques to reference information kept outside of the data techniques to reference information kept outside of the data
model. model.
 End of changes. 7 change blocks. 
7 lines changed or deleted 9 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/