Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF)
RFC 7495

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    mile mailing list <mile@ietf.org>,
    mile chair <mile-chairs@tools.ietf.org>
Subject: Protocol Action: 'IODEF Enumeration Reference Format' to Proposed Standard (draft-ietf-mile-enum-reference-format-14.txt)

The IESG has approved the following document:
- 'IODEF Enumeration Reference Format'
  (draft-ietf-mile-enum-reference-format-14.txt) as Proposed Standard

This document is the product of the Managed Incident Lightweight Exchange
Working Group.

The IESG contact persons are Kathleen Moriarty and Stephen Farrell.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-mile-enum-reference-format/


Technical Summary

   The Incident Object Description Exchange Format (IODEF) is an XML
   data representation framework for sharing information about computer
   security incidents.  In IODEF, the Reference class provides
   references to externally specified information such as a
   vulnerability, IDS alert, malware sample, advisory, or attack
   technique.  In practice, these references are based on external
   enumeration specifications that define both the enumeration format
   and the specific enumeration values, but the IODEF Reference class
   (as specified in IODEF v1 in RFC 5070) does not indicate how to
   include both of these important pieces of information.

   This memo establishes a stand-alone data format to include both the
   external specification and specific enumeration identification value,
   and establishes an IANA registry to manage external enumeration
   specifications.  While this memo does not update IODEV v1, this
   enumeration reference format is used in IODEF v2 and is applicable to
   other formats that support this class of enumeration references.

Working Group Summary

   This update is straightforward, and there was no difficulty coming to consensus
   on all points. The document received extensive review by the MILE working
   group since its first draft (published on September 1, 2012). The format of the
   identifier has been discussed and revised. Consequently, the structure of IANA
   registry has also been revised over time. All the discussion comments were
   reflected to the current version of the draft. The draft has completed WGLC
   and represents the consensus of the WG with no controversy. We believe the
   working group is solidly behind this. 

Document Quality

   The draft is pretty straightforward way of including references for 
   existing enumeration formats, like CVE in a consistent way within
   an IODEF report and has received adequate review by the working group.

   Expert review has been requested and provided from the 
   AppsDir with a focus on the XML schema changes.

Personnel

  The document shepherd is David Waltermire. 
  The responsible Area Director is Kathleen Moriarty.   

   The document creates an IANA registry for identifiers to be
   referenced from IODEFF's Reference class subject to expert
   review and specification required.


IANA Note

  'The registries use the 5226 'Specification Required' with expert review
   registration policy.