The Incident Object Description Exchange Format
RFC 5070

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    inch mailing list <>, 
    inch chair <>
Subject: Protocol Action: 'The Incident Object Description 
         Exchange Format' to Proposed Standard 

The IESG has approved the following document:

- 'The Incident Object Description Exchange Format '
   <draft-ietf-inch-iodef-15.txt> as a Proposed Standard

This document is the product of the Extended Incident Handling Working 

The IESG contact persons are Sam Hartman and Tim Polk.

A URL of this Internet-Draft is:

   Technical Summary
   The Incident Object Description Exchange Format (IODEF) defines a
   data representation that provides a framework for sharing information
   commonly exchanged by Computer Security Incident Response Teams
   (CSIRTs) about computer security incidents. This document describes
   the data model for the IODEF and provides the associated XML Schema.
   Working Group Summary
   There was  consensus in the WG to publish this document.  The WG has
since closed
   but this is being treated as a WG document based on this consensus.

   Document Quality
   There are seven implementations of the IODEF that provided useful
   feedback on the completeness and quality of the specification. These
   implementations come from CERT-Verbund (SIRIOS), Cooper-Cain Inc.*
   (Anti-Phishing WG), Cyber Solutions Inc.*, DFLabs*,, MIT
   Lincoln Labs*, and NTT*. Furthermore, a subset of these organizations
   (noted via an asterisk) participated in a semantics inter-operability
   event that also yielded additional feedback on the data model.  This
document has been reviewed by Sam Hartman for the IESG.