Skip to main content

The Intrusion Detection Message Exchange Format (IDMEF)
RFC 4765

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    idwg mailing list <>, 
    idwg chair <>
Subject: Document Action: 'The Intrusion Detection Message 
         Exchange Format' to Experimental RFC 

The IESG has approved the following document:

- 'The Intrusion Detection Message Exchange Format '
   <draft-ietf-idwg-idmef-xml-17.txt> as an Experimental RFC

This document is the product of the Intrusion Detection Exchange Format 
Working Group. 

The IESG contact persons are Sam Hartman and Tim Polk.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

Different elements of intrusion detection systems (IDS) need to
communicate with each other. This document defines a standard
data model, and implements it as an XML DTD.
Working Group Summary
  There were no major issues during the original approval of this
document.  However  the working group lost momentum addressing IESG
comments.  By the time the document was next reviewed there was not
enough of a working group to form an informed consensus.  So this
document is being advanced as an experimental submission rather than
proposed standard.
Protocol Quality
This document was reviewed for the IESG by Steve Bellovin. 


        The content of this RFC was at one time considered by the IETF,
  but the working group concluded before this work was approved as a
  standards-track protocol.  This RFC is not a candidate for any level
  of Internet Standard.  The IETF disclaims any knowledge of the
        fitness of this RFC for any purpose and in particular notes that
        the decision to publish is not based on complete IETF review for such
        things as security, congestion control, or inappropriate
        interaction with deployed protocols.  The IESG has chosen to
  publish this document in order to document the work as it was when the
  working group concluded and to encourage experimentation and
  development of the technology.  Readers of this RFC
        should exercise caution in evaluating its value for
  implementation and deployment.

RFC Editor Note