From: The IESG <email@example.com>
To: IETF-Announce <firstname.lastname@example.org>
Cc: Internet Architecture Board <email@example.com>,
RFC Editor <firstname.lastname@example.org>
Subject: Protocol Action: 'Extensions to the IODEF-Document Class for Reporting Phishing' to Proposed Standard
The IESG has approved the following document:
- 'Extensions to the IODEF-Document Class for Reporting Phishing '
<draft-cain-post-inch-phishingextns-07.txt> as a Proposed Standard
This document has been reviewed in the IETF but is not the product of an
IETF Working Group.
The IESG contact person is Tim Polk.
A URL of this Internet-Draft is:
This document extends the Incident Object Description Exchange Format
(IODEF) to support the reporting of phishing, fraud, other types of
electronic crime, and widespread spam incidents. These extensions are
specified in XML and are flexible enough to support information
gleaned from activities throughout the entire electronic fraud cycle.
Both simple reporting and complete forensic reports are possible, as
is consolidated reporting of multiple phishing incidents.
Working Group Summary
Testing and implementation of this document in the INCH WG had major
impact on the base IODEF Document as these tests were the first time
that portions of IODEF were used.
The Anti-Phishing Working group, and Sparta, Inc (under US gov't
funding) have independent implementations that create and accept
the formats defined in this document. There are a handful of CSIRTs
and fraud-repository organizations who have agreed to share data
using this format.
The XML defined in this document was validated using multiple XML
tools by more than one party.
The Document Shepherd is Tony Hansen. Tim Polk is the responsible
RFC Editor Note
In Section C.2, please make the following substitution: