Technical Summary
The Incident Object Description Exchange Format (IODEF) is an XML
data representation framework for sharing information about computer
security incidents. In IODEF, the Reference class provides
references to externally specified information such as a
vulnerability, IDS alert, malware sample, advisory, or attack
technique. In practice, these references are based on external
enumeration specifications that define both the enumeration format
and the specific enumeration values, but the IODEF Reference class
(as specified in IODEF v1 in RFC 5070) does not indicate how to
include both of these important pieces of information.
This memo establishes a stand-alone data format to include both the
external specification and specific enumeration identification value,
and establishes an IANA registry to manage external enumeration
specifications. While this memo does not update IODEV v1, this
enumeration reference format is used in IODEF v2 and is applicable to
other formats that support this class of enumeration references.
Working Group Summary
This update is straightforward, and there was no difficulty coming to consensus
on all points. The document received extensive review by the MILE working
group since its first draft (published on September 1, 2012). The format of the
identifier has been discussed and revised. Consequently, the structure of IANA
registry has also been revised over time. All the discussion comments were
reflected to the current version of the draft. The draft has completed WGLC
and represents the consensus of the WG with no controversy. We believe the
working group is solidly behind this.
Document Quality
The draft is pretty straightforward way of including references for
existing enumeration formats, like CVE in a consistent way within
an IODEF report and has received adequate review by the working group.
Expert review has been requested and provided from the
AppsDir with a focus on the XML schema changes.
Personnel
The document shepherd is David Waltermire.
The responsible Area Director is Kathleen Moriarty.
The document creates an IANA registry for identifiers to be
referenced from IODEFF's Reference class subject to expert
review and specification required.
IANA Note
'The registries use the 5226 'Specification Required' with expert review
registration policy.