Last Call Review of draft-ietf-mile-sci-09
review-ietf-mile-sci-09-secdir-lc-hoffman-2013-10-17-00
Request | Review of | draft-ietf-mile-sci |
---|---|---|
Requested revision | No specific revision (document currently at 13) | |
Type | Last Call Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2013-10-22 | |
Requested | 2013-10-10 | |
Authors | Takeshi Takahashi , Kent Landfield , Youki Kadobayashi | |
I-D last updated | 2013-10-17 | |
Completed reviews |
Genart Last Call review of -09
by Alexey Melnikov
(diff)
Genart Telechat review of -11 by Alexey Melnikov (diff) Secdir Last Call review of -09 by Paul E. Hoffman (diff) |
|
Assignment | Reviewer | Paul E. Hoffman |
State | Completed | |
Request | Last Call review on draft-ietf-mile-sci by Security Area Directorate Assigned | |
Reviewed revision | 09 (document currently at 13) | |
Result | Ready | |
Completed | 2013-10-17 |
review-ietf-mile-sci-09-secdir-lc-hoffman-2013-10-17-00
draft-ietf-mile-sci, "IODEF-extension for structured cybersecurity information", describes extensions to the IODEF format to describe "cybersecurity information" such as types of attacks, vulnerabilities, and so on. This extension allows systems exchanging IODEF information to use a more standardized way to describe these specific types of information in XML. The security considerations section basically says "when you transport sensitive cybersecurity information, do so carefully" which is probably sufficient because there are already standardized ways of securely transporting IODEF items, particularly RID. Nothing in this document warrants more security than what is already being transported in IODEF messages today. --Paul Hoffman