The IESG has received a request from the Managed Incident Lightweight Exchange WG (mile) to consider the following document: - 'IODEF Enumeration Reference Format' <draft-ietf-mile-enum-reference-format-10.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2014-12-16. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Incident Object Description Exchange Format (IODEF) is an XML data representation framework for sharing information about computer security incidents. In IODEF, the Reference class provides references to externally specified information such as a vulnerability, IDS alert, malware sample, advisory, or attack technique. In practice, these references are based on external enumeration specifications that define both the enumeration format and the specific enumeration values, but the IODEF Reference class (as specified in RFC 5070) does not indicate how to include both of these important pieces of information. This memo establishes a stand-alone data format to include both the external specification and specific enumeration value, and establishes an IANA registry to manage external enumeration specifications. While this memo does not update IODEF, it provides the ability for future revisions of IODEF to leverage the ReferenceName class herein described. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-mile-enum-reference-format/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-mile-enum-reference-format/ballot/ No IPR declarations have been submitted directly on this I-D.
