Indicators of Compromise (IoCs) and Their Role in Attack Defence
draft-ietf-opsec-indicators-of-compromise-04

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-opsec-indicators-of-compromise@ietf.org, furry13@gmail.com, opsec-chairs@ietf.org, opsec@ietf.org, rfc-editor@rfc-editor.org, warren@kumari.net
Subject: Document Action: 'Indicators of Compromise (IoCs) and Their Role in Attack Defence' to Informational RFC (draft-ietf-opsec-indicators-of-compromise-04.txt)

The IESG has approved the following document:
- 'Indicators of Compromise (IoCs) and Their Role in Attack Defence'
  (draft-ietf-opsec-indicators-of-compromise-04.txt) as Informational RFC

This document is the product of the Operational Security Capabilities for IP
Network Infrastructure Working Group.

The IESG contact persons are Warren Kumari and Robert Wilton.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-opsec-indicators-of-compromise/


Ballot Text

Technical Summary

   This draft reviews the fundamentals, opportunities, operational limitations, and best practices of Indicators of Compromise (IoC) use.
   It highlights the need for IoCs to be detectable in implementations of Internet protocols, tools, and technologies - both for the IoCs' initial discovery and their use in detection - and provides a foundation for new approaches to operational challenges in network security.

Working Group Summary

   There was no notable controversy - the document is a "tutorial/background/educational" type document, and this limits the controversy some.

Document Quality

   The document is very readable - it provides useful and important OPSEC background.

Personnel

   Jen Linkova is DS
   Warren Kumari is RAD!!!!

RFC Editor Note