Browse Prior Art Database

Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF) (RFC7495) Disclosure Number: IPCOM000241091D
Original Publication Date: 2015-Mar-01
Included in the Prior Art Database: 2015-Mar-26
Document File: 20 page(s) / 20K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

A. Montville: AUTHOR [+1]


There is an identified need to specify a format to include relevant enumeration values from other data representation formats in an IODEF document. It is anticipated that this requirement will exist in other standardization efforts within several IETF Working Groups, but the scope of this document pertains solely to IODEF. This format is used in IODEF v2 [IODEFv2], which will replace the original IODEF v1 [IODEF] specification; this document does not specify use of this format in IODEF v1 [IODEF].

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 14% of the total text.

Internet Engineering Task Force (IETF)                      A. Montville Request for Comments: 7495                                           CIS Category: Standards Track                                       D. Black ISSN: 2070-1721                                                      EMC                                                               March 2015

                       Enumeration Reference Format       for the Incident Object Description Exchange Format (IODEF)


   The Incident Object Description Exchange Format (IODEF) is an XML    data representation framework for sharing information about computer    security incidents.  In IODEF, the Reference class provides    references to externally specified information such as a    vulnerability, Intrusion Detection System (IDS) alert, malware    sample, advisory, or attack technique.  In practice, these references    are based on external enumeration specifications that define both the    enumeration format and the specific enumeration values, but the IODEF    Reference class (as specified in IODEF v1 in RFC 5070) does not    indicate how to include both of these important pieces of    information.

   This document establishes a stand-alone data format to include both    the external specification and specific enumeration identification    value, and establishes an IANA registry to manage external    enumeration specifications.  While this document does not update    IODEF v1, this enumeration reference format is used in IODEF v2 and    is applicable to other formats that support this class of enumeration    references.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Further information on    Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at

 Montville & Black            Standards Track                    [Page 1]
 RFC 7495           IODEF Enumeration Reference Format         March 2015

 Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (