An Incident Object Description Exchange Format (IODEF) Extension for Structured Cybersecurity Information
RFC 7203

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>,
    mile mailing list <>,
    mile chair <>
Subject: Protocol Action: 'IODEF-extension for structured cybersecurity information' to Proposed Standard (draft-ietf-mile-sci-13.txt)

The IESG has approved the following document:
- 'IODEF-extension for structured cybersecurity information'
  (draft-ietf-mile-sci-13.txt) as Proposed Standard

This document is the product of the Managed Incident Lightweight Exchange
Working Group.

The IESG contact persons are Sean Turner and Stephen Farrell.

A URL of this Internet Draft is:

Technical Summary

The document extends the Incident Object Description Exchange Format (IODEF)
defined in RFC 5070 [RFC5070] to exchange enriched cybersecurity information .
It provides the capability of embedding structured information, such as
identifier- and XML-based information. It defines an IANA registry of external
schemas that can be referenced from IODEF documents.

Working Group Summary and Document Quality

The document received extensive review from the working group, which led to
significant changes in the document. Earlier versions of the document had
significant potential IPR issues (references to trademarked schema names) as
well as reference issues (normative references to non-standards documents);
these have all been resolved satisfactorily by moving these references to an
IANA registry of SCI specifications, and providing for long-term references to the
MTI schema, MMDEF.


   Brian Trammell is the doc shepherd.
   Sean Turner is the responsible AD.