Technical Summary
The Incident Object Description Exchange Format (IODEF) defines a
data representation that provides a framework for sharing information
commonly exchanged by Computer Security Incident Response Teams
(CSIRTs) about computer security incidents. This document describes
the data model for the IODEF and provides the associated XML Schema.
Working Group Summary
There was consensus in the WG to publish this document. The WG has
since closed
but this is being treated as a WG document based on this consensus.
Document Quality
There are seven implementations of the IODEF that provided useful
feedback on the completeness and quality of the specification. These
implementations come from CERT-Verbund (SIRIOS), Cooper-Cain Inc.*
(Anti-Phishing WG), Cyber Solutions Inc.*, DFLabs*, eCSIRT.net, MIT
Lincoln Labs*, and NTT*. Furthermore, a subset of these organizations
(noted via an asterisk) participated in a semantics inter-operability
event that also yielded additional feedback on the data model. This
document has been reviewed by Sam Hartman for the IESG.