The Intrusion Detection Message Exchange Format (IDMEF)
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, idwg mailing list <email@example.com>, idwg chair <firstname.lastname@example.org> Subject: Document Action: 'The Intrusion Detection Message Exchange Format' to Experimental RFC The IESG has approved the following document: - 'The Intrusion Detection Message Exchange Format ' <draft-ietf-idwg-idmef-xml-17.txt> as an Experimental RFC This document is the product of the Intrusion Detection Exchange Format Working Group. The IESG contact persons are Sam Hartman and Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-idwg-idmef-xml-17.txt
Technical Summary Different elements of intrusion detection systems (IDS) need to communicate with each other. This document defines a standard data model, and implements it as an XML DTD. Working Group Summary There were no major issues during the original approval of this document. However the working group lost momentum addressing IESG comments. By the time the document was next reviewed there was not enough of a working group to form an informed consensus. So this document is being advanced as an experimental submission rather than proposed standard. Protocol Quality This document was reviewed for the IESG by Steve Bellovin. IESG Note The content of this RFC was at one time considered by the IETF, but the working group concluded before this work was approved as a standards-track protocol. This RFC is not a candidate for any level of Internet Standard. The IETF disclaims any knowledge of the fitness of this RFC for any purpose and in particular notes that the decision to publish is not based on complete IETF review for such things as security, congestion control, or inappropriate interaction with deployed protocols. The IESG has chosen to publish this document in order to document the work as it was when the working group concluded and to encourage experimentation and development of the technology. Readers of this RFC should exercise caution in evaluating its value for implementation and deployment.