Skip to main content

Managed Incident Lightweight Exchange
charter-ietf-mile-04

Yes

(Alexey Melnikov)

No Objection

(Adam Roach)
(Ignas Bagdonas)
(Martin Vigoureux)
(Suresh Krishnan)

Note: This ballot was opened for revision 03-00 and is now closed.

Ballot question: "Is this charter ready for external review?"

Alexey Melnikov Former IESG member
Yes
Yes (for -03-00) Not sent

                            
Adam Roach Former IESG member
No Objection
No Objection (for -03-00) Not sent

                            
Alissa Cooper Former IESG member
(was Block) No Objection
No Objection (2018-10-31 for -03-03) Sent
Thanks for addressing my comments.
Alvaro Retana Former IESG member
No Objection
No Objection (2018-10-24 for -03-00) Not sent
I agree with Spencer -- the terminology should be corrected before external review.
Ben Campbell Former IESG member
No Objection
No Objection (2018-10-24 for -03-00) Sent
I agree with Spencer's comment.

I was going to comment that perhaps this needed some cross-area participation from ART, but then noticed the responsible AD :-)
Benjamin Kaduk Former IESG member
No Objection
No Objection (2018-10-25 for -03-00) Not sent
[nothing to add to what is already in other ballot positions]
Ignas Bagdonas Former IESG member
No Objection
No Objection (for -03-00) Not sent

                            
Martin Vigoureux Former IESG member
No Objection
No Objection (for -03-00) Not sent

                            
Mirja K├╝hlewind Former IESG member
No Objection
No Objection (2018-10-25 for -03-00) Sent
Agree with others: "transport protocol" seems rather confusing.
Spencer Dawkins Former IESG member
No Objection
No Objection (2018-10-23 for -03-00) Sent
I don't think I have a BLOCKing concern with what's being proposed, but I do have a significant concern about how it's being characterized.

In this text,

"The MILE WG is focused on two areas: standardizing a data format for
representing incident and indicator data, and standardizing transport
protocol(s) for sharing the structured data"

and in this text, 

"Though the working group also adopted Real-time Inter-network Defense (RID, RFC
6545) as further enabling information exchange of security policy, its
transport mechanism, based on the Simple Object Access Protocol (SOAP), led to
the second focus for MILE: adopting more modern transport through the adoption
of a RESTful interface through ROLIE (Resource-oriented lightweight information
exchange, RFC 8322) and the adoption of a publish-subscribe model through
XMPP-Grid (draft-ietf-mile-xmpp-grid). The MILE WG will continue to:

"- Update and enhance these transport protocols to optimize their performance
and representations. More explicitly, documenting how ROLIE can transport JSON
representations.

"- Define and document how these transport protocols can also be used to support
other security information exchange formats. For example, documenting how ROLIE
can transport STIX (Secure Threat Intelligence eXchange) data."

I'm not sure that what I think is being described, is exactly "standardizing transport protocol(s)". I THINK it's more like "standardizing mapping onto an application substrate", if I'm using the vocabulary of https://tools.ietf.org/html/draft-ietf-httpbis-bcp56bis-07 correctly, and I'm wondering whether all of these formats would end up riding over HTTP, which would shorten any conversation about my ballot a lot. 

Am I confused here? 

If this work is correctly described as "standardizing a transport protocol", I should probably be balloting BLOCK.
Suresh Krishnan Former IESG member
No Objection
No Objection (for -03-00) Not sent