The IESG has approved the following document: - 'Sharing Transaction Fraud Data ' <draft-mraihi-inch-thraud-09.txt> as an Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-mraihi-inch-thraud-09.txt Technical Summary This document describes a data-format and protocol for defining and exchanging Transaction Fraud (Thraud) Report data. It profiles the IODEF incident reporting format and uses IODEF's extensibility mechanism for transaction fraud specific data definitions. Working Group Summary This document was not developed within an IETF WG. It would have been proposed to the inch WG, however that WG was shut down before this work was submitted to the IETF. However this document, and all previous versions, were developed within the Initiative for Open Authentication (OATH) Technical Committee and was extensively reviewed by its members. In addition, the document has also been reviwed by the co-authors of the The Incident Object Description Exchange Format draft-ietf-inch- iodef-14.txt, recently accepted for RFC publication. This Thraud draft is a profile of the IODEF specification. In addition, this specification has also been reviewed by members of an FSTC project that is working on the same issue from the perspective of the banking and financial servicies industry. Document Quality Although there are no existing implementations that we are aware of, Entrust has stated plans to support this in their Open Fraud Intelligence Network (OFIN). Roman Danyliew (one of the authors of the IODEF specification, upon which this document is based) provided a thorough review of this document. His comments and questions resulted in significant clarifications as well as technical improvements to this document. At this time, the document has addressed all issues raised by all reviewers, to their satisfaction. Personnel The Document Shepherd is Sharon Boeyen. Tim Polk reviewed the document for the IESG. RFC Editor Note Please make the following substitutions in section 10.1., Media sub-type OLD Optional parameters: same as the charset parameter of application/xml as specified in [RFC3023]. NEW Optional parameters: 'charset': same as the charset parameter of application/xml as specified in [RFC3023]. OLD Security considerations: this registration has all of the security considerations described in [RFC3023] in addition to those in section 9, above. Interoperability considerations: this registration has all of the interoperability considerations described in [RFC3023]. Published specification: the media type data format is defined in this specification. NEW Security considerations: in addition to the security considerations described in section 9, this registration has all of the security considerations described in [RFC3023]. Interoperability considerations: None beyond the interoperability considerations described in [RFC3023]. Published specification: the media type data format is defined in RFC XXXX (this specification). OLD Person and email address to contact for further information: D M'Raihi, dmraihi@verisign.com Intended usage - LIMITED USAGE NEW Person and email address to contact for further information: "D M'Raihi <dmraihi@verisign.com>" Intended usage: LIMITED USE OLD Change controller: D M'Raihi NEW Change controller: the IESG In Appendix B, please make the following two substitutions: OLD <IODEF-Document xmlns="urn:ietf:params:xml:ns:iodef-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="urn:ietf:params:xml:ns:iodef-1.0" lang="en"> NEW <IODEF-Document xmlns="urn:ietf:params:xml:ns:iodef-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="urn:ietf:params:xml:ns:iodef-1.0" lang="en"> OLD <FraudEventTransfer xmlns="urn:ietf:params:xml:ns:thraud- 1.0" xmlns:iodef="urn:ietf:params:xml:ns:iodef-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="urn:ietf:params:xml:ns:thraud-1.0 http://www.openauthentication.org/thraud/Schema1-0.xsd";> NEW <FraudEventTransfer xmlns="urn:ietf:params:xml:ns:thraud- 1.0" xmlns:iodef="urn:ietf:params:xml:ns:iodef-1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="urn:ietf:params:xml:ns:thraud-1.0"> _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
