The Incident Object Description Exchange Format
Draft of message to be sent after approval:
From: The IESG <email@example.com> To: IETF-Announce <firstname.lastname@example.org> Cc: Internet Architecture Board <email@example.com>, RFC Editor <firstname.lastname@example.org>, inch mailing list <email@example.com>, inch chair <firstname.lastname@example.org> Subject: Protocol Action: 'The Incident Object Description Exchange Format' to Proposed Standard The IESG has approved the following document: - 'The Incident Object Description Exchange Format ' <draft-ietf-inch-iodef-15.txt> as a Proposed Standard This document is the product of the Extended Incident Handling Working Group. The IESG contact persons are Sam Hartman and Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-inch-iodef-15.txt
Technical Summary The Incident Object Description Exchange Format (IODEF) defines a data representation that provides a framework for sharing information commonly exchanged by Computer Security Incident Response Teams (CSIRTs) about computer security incidents. This document describes the data model for the IODEF and provides the associated XML Schema. Working Group Summary There was consensus in the WG to publish this document. The WG has since closed but this is being treated as a WG document based on this consensus. Document Quality There are seven implementations of the IODEF that provided useful feedback on the completeness and quality of the specification. These implementations come from CERT-Verbund (SIRIOS), Cooper-Cain Inc.* (Anti-Phishing WG), Cyber Solutions Inc.*, DFLabs*, eCSIRT.net, MIT Lincoln Labs*, and NTT*. Furthermore, a subset of these organizations (noted via an asterisk) participated in a semantics inter-operability event that also yielded additional feedback on the data model. This document has been reviewed by Sam Hartman for the IESG.