Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF) (RFC7495)
Original Publication Date: 2015-Mar-01
Included in the Prior Art Database: 2015-Mar-26
Internet Society Requests For Comment (RFCs)
A. Montville: AUTHOR [+2]
There is an identified need to specify a format to include relevant enumeration values from other data representation formats in an IODEF document. It is anticipated that this requirement will exist in other standardization efforts within several IETF Working Groups, but the scope of this document pertains solely to IODEF. This format is used in IODEF v2 [IODEFv2], which will replace the original IODEF v1 [IODEF] specification; this document does not specify use of this format in IODEF v1 [IODEF].
Internet Engineering Task Force (IETF) A. Montville Request for Comments: 7495 CIS Category: Standards Track D. Black ISSN: 2070-1721 EMC March 2015
Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF)
The Incident Object Description Exchange Format (IODEF) is an XML data representation framework for sharing information about computer security incidents. In IODEF, the Reference class provides references to externally specified information such as a vulnerability, Intrusion Detection System (IDS) alert, malware sample, advisory, or attack technique. In practice, these references are based on external enumeration specifications that define both the enumeration format and the specific enumeration values, but the IODEF Reference class (as specified in IODEF v1 in RFC 5070) does not indicate how to include both of these important pieces of information.
This document establishes a stand-alone data format to include both the external specification and specific enumeration identification value, and establishes an IANA registry to manage external enumeration specifications. While this document does not update IODEF v1, this enumeration reference format is used in IODEF v2 and is applicable to other formats that support this class of enumeration references.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7495.
Montville & Black Standards Track [Page 1]
RFC 7495 IODEF Enumeration Reference Format March 2015
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org...