Transport of Real-time Inter-network Defense (RID) Messages over HTTP/TLS
draft-ietf-mile-rfc6046-bis-09
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
09 | (System) | post-migration administrative database adjustment to the No Objection position for Russ Housley |
2012-02-03
|
09 | David Harrington | Request for Last Call review by TSVDIR Completed. Reviewer: Mark Allman. |
2012-01-31
|
09 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2012-01-31
|
09 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2012-01-31
|
09 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2012-01-31
|
09 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2012-01-30
|
09 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent. |
2012-01-30
|
09 | (System) | IANA Action state changed to In Progress |
2012-01-27
|
09 | Amy Vezza | IESG state changed to Approved-announcement sent |
2012-01-27
|
09 | Amy Vezza | IESG has approved the document |
2012-01-27
|
09 | Amy Vezza | Closed "Approve" ballot |
2012-01-27
|
09 | Amy Vezza | Approval announcement text regenerated |
2012-01-27
|
09 | Amy Vezza | Ballot writeup text changed |
2012-01-27
|
09 | Amy Vezza | State changed to Approved-announcement to be sent from IESG Evaluation::AD Followup. |
2012-01-25
|
09 | (System) | New version available: draft-ietf-mile-rfc6046-bis-09.txt |
2012-01-23
|
09 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Leif Johansson. |
2012-01-23
|
09 | Russ Housley | [Ballot discuss] The Gen-ART Review by Alexey Melnikov on 14-Jan-2012 lead to a discussion with the authors. They seem to have settled on agreed … [Ballot discuss] The Gen-ART Review by Alexey Melnikov on 14-Jan-2012 lead to a discussion with the authors. They seem to have settled on agreed changes to the document, but the changes have not been made yet. |
2012-01-23
|
09 | Russ Housley | [Ballot Position Update] Position for Russ Housley has been changed to No Objection from Discuss |
2012-01-22
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2012-01-22
|
08 | (System) | New version available: draft-ietf-mile-rfc6046-bis-08.txt |
2012-01-19
|
09 | Cindy Morgan | Removed from agenda for telechat |
2012-01-19
|
09 | Cindy Morgan | State changed to IESG Evaluation::Revised ID Needed from IESG Evaluation. |
2012-01-19
|
09 | Ralph Droms | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-19
|
09 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-19
|
09 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-19
|
09 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-18
|
09 | Wesley Eddy | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-18
|
09 | Stephen Farrell | [Ballot comment] I wonder how easy it is to find a HTTP client implementation that won't follow 3xx response codes. I don't know, just wonder:-) |
2012-01-18
|
09 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-18
|
09 | Peter Saint-Andre | [Ballot comment] First, thank you for addressing the comments that Julian Reschke provided on behalf of the Apps Directorate. Section 3 states: RID systems … [Ballot comment] First, thank you for addressing the comments that Julian Reschke provided on behalf of the Apps Directorate. Section 3 states: RID systems MAY be configurable to listen on ports other than the well-known port; this configuration is out of band and out of scope for this specification. and: When performing RID callback, a responding system MUST connect to the host at the network-layer address from which the original request was sent; there is no mechanism in RID for redirected callback. This callback SHOULD use TCP port 4590 unless configured out of band to use a different port. What does it mean to configure a RID system out of band? As far as I can see there is no *in-band* configuration method (i.e., a RID system cannot be configured via RID messages), so the use of "out of band" here is confusing. I suggest removing this terminology in both instances. The ABNF reference is old; please change [RFC2234] to [RFC5234]. Section 3 states: RID systems MUST use TLS version 1.1 [RFC4346] or higher with mutual authentication for confidentiality, identification, and authentication, as in [RFC2818], when transporting RID messages over HTTPS. The phrase "as in [RFC2818]" makes it sound as if the rules specified in RFC 2818 are the kind of rules that might be used, not that those rules must be followed. If the intent is that the identity-checking rules in RFC 2818 always apply to RID systems, I suggest changing the text to: RID systems MUST use TLS version 1.1 [RFC4346] or higher with mutual authentication for confidentiality, identification, and authentication when transporting RID messages over HTTPS. RID systems MUST follow the rules specified in [RFC2818] regarding verification of endpoint identities. |
2012-01-18
|
09 | Peter Saint-Andre | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-18
|
09 | Russ Housley | [Ballot discuss] The Gen-ART Review by Alexey Melnikov on 14-Jan-2012 lead to a discussion with the authors. They seem to have settled on agreed … [Ballot discuss] The Gen-ART Review by Alexey Melnikov on 14-Jan-2012 lead to a discussion with the authors. They seem to have settled on agreed changes to the document, but the changes have not been made yet. |
2012-01-18
|
09 | Russ Housley | [Ballot Position Update] New position, Discuss, has been recorded |
2012-01-18
|
09 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-18
|
07 | (System) | New version available: draft-ietf-mile-rfc6046-bis-07.txt |
2012-01-17
|
09 | Amanda Baber | Upon approval, IANA will replace this port registration's reference to RFC6046 with a reference to this document: rid 4590 tcp RID over HTTP/TLS [RFC-to-be] http://www.iana.org/assignments/service-names-port-numbers |
2012-01-17
|
09 | Brian Trammell | submitted to IESG, on telechat agenda 19 Jan following WGLC / IETF LC |
2012-01-17
|
09 | Brian Trammell | IETF state changed to Submitted to IESG for Publication from In WG Last Call |
2012-01-17
|
06 | (System) | New version available: draft-ietf-mile-rfc6046-bis-06.txt |
2012-01-17
|
09 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-17
|
09 | Sean Turner | State changed to IESG Evaluation from Waiting for AD Go-Ahead. |
2012-01-17
|
09 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call. |
2012-01-16
|
09 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-16
|
09 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded |
2012-01-14
|
09 | Alexey Melnikov | Request for Last Call review by GENART Completed. Reviewer: Alexey Melnikov. |
2012-01-06
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to Alexey Melnikov |
2012-01-06
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to Alexey Melnikov |
2012-01-06
|
09 | David Black | Assignment of request for Last Call review by GENART to David Black was rejected |
2012-01-06
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2012-01-06
|
09 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2012-01-05
|
09 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Leif Johansson |
2012-01-05
|
09 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Leif Johansson |
2012-01-04
|
09 | David Harrington | Request for Last Call review by TSVDIR is assigned to Mark Allman |
2012-01-04
|
09 | David Harrington | Request for Last Call review by TSVDIR is assigned to Mark Allman |
2012-01-03
|
09 | Sean Turner | [Ballot Position Update] New position, Yes, has been recorded for Sean Turner |
2012-01-03
|
09 | Sean Turner | Ballot has been issued |
2012-01-03
|
09 | Sean Turner | Created "Approve" ballot |
2012-01-03
|
09 | Amy Vezza | Last call sent |
2012-01-03
|
09 | Amy Vezza | State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (Transport of Real-time Inter-network Defense (RID) Messages over HTTP/ TLS) to Proposed Standard The IESG has received a request from the Managed Incident Lightweight Exchange WG (mile) to consider the following document: - 'Transport of Real-time Inter-network Defense (RID) Messages over HTTP/ TLS' as a Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2012-01-17. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Incident Object Description Exchange Format (IODEF) defines a common XML format for document exchange, and Realtime Internetwork Defense (RID) defines extensions to IODEF intended for the cooperative handling of security incidents within consortia of network operators and enterprises. This document specifies a transport protocol for RID based upon the passing of RID messages over HTTP/TLS. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-mile-rfc6046-bis/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-mile-rfc6046-bis/ No IPR declarations have been submitted directly on this I-D. |
2012-01-03
|
09 | Sean Turner | Placed on agenda for telechat - 2012-01-19 |
2012-01-03
|
09 | Sean Turner | Last Call was requested |
2012-01-03
|
09 | (System) | Ballot writeup text was added |
2012-01-03
|
09 | (System) | Last call text was added |
2012-01-03
|
09 | (System) | Ballot approval text was added |
2012-01-03
|
09 | Sean Turner | State changed to Last Call Requested from AD Evaluation::AD Followup. |
2012-01-03
|
09 | Sean Turner | Last Call text changed |
2012-01-03
|
09 | Sean Turner | Ballot writeup text changed |
2012-01-03
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2012-01-03
|
05 | (System) | New version available: draft-ietf-mile-rfc6046-bis-05.txt |
2011-12-27
|
09 | Sean Turner | State changed to AD Evaluation::Revised ID Needed from AD Evaluation::AD Followup. |
2011-12-19
|
09 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
2011-12-19
|
04 | (System) | New version available: draft-ietf-mile-rfc6046-bis-04.txt |
2011-12-14
|
09 | Sean Turner | State changed to AD Evaluation::Revised ID Needed from AD Evaluation. |
2011-12-14
|
09 | Sean Turner | State changed to AD Evaluation from Publication Requested. |
2011-12-07
|
09 | Amy Vezza | (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he … (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? Document Shepherd: Kathleen Moriarty Review: The document has been reviewed and I believe it is ready for publication. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? Yes, this document is an updated version of RFC6046. The technical review in the last IESG process was extremely positive, stating this should be an example for similar documents. Nits and technical clarifications were noted and addressed during this last call process. I do not have any concerns about the depth or breadth of the reviews that have been preformed. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization or XML? No concerns. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on this issue. No concerns. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? This document has WG consensus. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) No discontent has been stated on this document. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? (See the Internet-Drafts Checklist and http://tools.ietf.org/tools/idnits/). Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type and URI type reviews? Yes. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. Yes, this has been addressed. (1.i) Has the Document Shepherd verified that the document IANA consideration section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC5226]. If the document describes an Expert Review process has Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during the IESG Evaluation? Yes, the IANA section remains the same as RFC6046 and is correct, addressing all appropriate areas. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? N/A. Technical reviews have taken place. (1.k) The IESG approval announcement includes a Document Technical Summary This document provides the HTTP/TLS transport specification for Real-time Inter-network Defense (RID) messaging defined in RFC6045-bis. This document updates RFC6046. Working Group Summary The working group formally adopted this draft as a working group item in Taipei. There has been clear recognition that this document is needed to provide the transport for RFC6045-bis (also a WG item). Working group members showed their support for this document in the review process through reviews and comments sent to the mailing list. All suggested changes are included in the current version. Document Quality There are existing implementations and new ones in development based on the updated requirements. Increasing interest in this protocol has been demonstrated by computer security incident response teams (CSIRTs) and information sharing groups (industry and regionally focused) to automate the exchange of cyber security information exchange. The ITU-T also has interest in referencing this document in their suite of protocols in Study Group 17, question 4. Small changes were recommended and made during the working group last call. There are no outstanding technical concerns with this document. The technical reviews provided by David Black and SM@resistor.net provided small changes that are reflected in the current version. |
2011-12-07
|
09 | Amy Vezza | Draft added in state Publication Requested |
2011-12-07
|
09 | Amy Vezza | [Note]: 'Kathleen Moriarty (kathleen.moriarty@emc.com) is the document shepherd.' added |
2011-12-07
|
03 | (System) | New version available: draft-ietf-mile-rfc6046-bis-03.txt |
2011-12-06
|
02 | (System) | New version available: draft-ietf-mile-rfc6046-bis-02.txt |
2011-11-21
|
09 | Brian Trammell | WGLC started 21 November, to end 5 December |
2011-11-21
|
09 | Brian Trammell | IETF state changed to In WG Last Call from WG Document |
2011-11-21
|
01 | (System) | New version available: draft-ietf-mile-rfc6046-bis-01.txt |
2011-11-17
|
00 | (System) | New version available: draft-ietf-mile-rfc6046-bis-00.txt |