Hello, Tonight's side meeting for MILE will be held in Room 301A, starting right after the plenary at 19:30 EST. We plan to use the following bridge number for those who could not be here in person: Dial-in: 857.207.4204, 1, 60363236# Global access numbers are listed at the end of this message. Thank you, Kathleen & Brian ________________________________________ From: mile-bounces@xxxxxxxx [mile-bounces@xxxxxxxx] On Behalf Of Brian Trammell [trammell@xxxxxxxxxxxxxx] Sent: Monday, July 11, 2011 10:30 AM To: ietf@xxxxxxxx; saag@xxxxxxxx Cc: mile@xxxxxxxx Subject: [mile] MILE side meeting, IETF81 in Quebec, Monday night July 25th Greetings, all, To help us plan a bit for the (previously-announced) MILE pre-WG side meeting in Quebec, 19:30 Monday 25 July, after the technical plenary meeting, please let us know if you are interested in attending by filling out the doodle at: http://www.doodle.com/e2w494tce6knmq6m The working proposed charter is attached below for reference. Further details will be announced later. Many thanks, and best regards, Brian and Kathleen Managed Incident Lightweight Exchange (mile) -------------------------------------------- Proposed Working Group Charter Chairs: Kathleen Moriarty <kathleen.moriarty@xxxxxxx> Brian Trammell <trammell@xxxxxxxxxxxxxx> Security Area Directors: Stephen Farrell <stephen.farrell@xxxxxxxxx<mailto:stephen.farrell@xxxxxxxxx>> Sean Turner <turners@xxxxxxxx<mailto:turners@xxxxxxxx>> Security Area Advisor: Sean Turner <turners@xxxxxxxx> Mailing Lists: General Discussion: mile@xxxxxxxx To Subscribe: http://www.ietf.org/mailman/listinfo/mile Archive: http://www.ietf.org/mail-archive/web/mile Description: The Managed Incident Lightweight Exchange (MILE) pre-working group will develop standards and extensions for the purpose of improving incident information sharing and handling capabilities based on the work developed in the IETF Extended INCident Handling (INCH) working group. The Incident Object Description Exchange Format (IODEF) in RFC5070 and Real-time Inter-network Defense (RID) in RFC6045 were developed in the INCH working group by international Computer Security Incident Response Teams (CSIRTs) and industry to meet the needs of a global community interested in sharing, handling, and exchanging incident information. The extensions and guidance created by the MILE working group assists with the daily operations of CSIRTs at an organization, service provider, law enforcement, and at the country level. The application of IODEF and RID to interdomain incident information cooperative exchange and sharing has recently expanded and the need for extensions has become more im portant. Efforts continue to deploy IODEF and RID, as well as to extend them to support specific use cases covering reporting and mitigation of current threats such as anti-phishing extensions. An incident could be a benign configuration issue, IT incident, an infraction to a service level agreement (SLA), a system compromise, socially engineered phishing attack, or a denial-of-service (DoS) attack, etc.. When an incident is detected, the response may include simply filing a report, notification to the source of the incident, a request to a third party for resolution/mitigation, or a request to locate the source. IODEF defines a data representation that provides a standard format for sharing information commonly exchanged about computer security incidents. RID enables the secure exchange of incident related information in an IODEF format providing options for security, privacy, and policy setting. MILE leverages collaboration and sharing experiences with the work developed in the INCH working group which includes the data model detailed in the IODEF, existing extensions to the IODEF for Anti-phishing (RFC5901), and RID (RFC6045, RFC6046) for the secure exchange of information. MILE will also leverage the experience gained in using IODEF and RID in operational contexts. Related work, drafted outside of INCH will also be reviewed and includes RFC5941, Sharing Transaction Fraud Data. The MILE working group provides coordination for these various extension efforts to improve the capabilities for exchanging incident information. MILE has several objectives with the first being a description a subset of IODEF focused on ease of deployment and applicability to current information security data sharing use cases. MILE also describes a generalization of RID for secure exchange of other security-relevant XML formats. MILE produces additional guidance needed for the successful exchange of incident information for new use cases according to policy, security, and privacy requirements. Finally, MILE produces a document template with guidance for defining IODEF extensions to be followed when producing extensions to IODEF as appropriate, for: * labeling incident reports with data protection, data retention, and other policies, regulations, and laws restricting the handling of those reports * reporting on mail service abuse incidents * reporting forensic data generated during incident investigation * reporting indicators of compromise in incident reports * reporting on financial fraud incidents * reporting incidents involving virtualized environments * referencing SCAP enumerations from within incident reports * profiling and reporting on characteristics of malware suspected or confirmed to be involved in an incident * profiling and reporting on characteristics of actors (persons or groups) suspected or confirmed to be involved in an incident * reporting on misuse incidents _______________________________________________ mile mailing list mile@xxxxxxxx https://www.ietf.org/mailman/listinfo/mile Global Access Numbers • Toll-free number Freefone number that participants can use to dial in to your call and will not be charged. • International toll dial-in number Toll number available globally. Use when neither toll-free nor local toll is listed for your country. • Local toll dial-in number Local, in-country numbers that incur a local call charge. Use when no toll-free number is listed for your country. If your country isn't listed below, please use +1 857 207 4204 Note (as of 6/30/11): There are new toll free dial-in numbers for Mexico and Brazil. The new Mexico toll free dial-in number is listed below. For the new Brazil toll free dial-in number, please contact the help desk. Please be sure to use these numbers for all future meetings, as the prior numbers (not listed) will be disconnected on July 31. If you are dialing from Ecuador, Egypt, Ghana, Honduras, India, Jordan or Turkey, please click here for additional dialing instructions For Philippines dial-in number, please contact the Help desk Country Toll-free # Local toll dial-in # Int'l toll dial-in # Antigua 18009881093 Argentina 08006663580 053541170 +54 53541170 Australia 1800107895 Australia 1800097161 01280238327 +61 1280238327 Austria 0800293883 01206091042 +43 1206091042 Bahamas 18009887511 Bahrain 80004370 Belgium 080080799 022006492 +32 22006492 Bolivia 800100617 Chile 12300200430 China 108007121934 (Netcom only) China 108001201934 (Telecom only) 4008811625 (Netcom, Telecom and all mobile access) +86 4008811625 (Netcom, Telecom and all mobile access) China 4001200029 (Netcom, Telecom and China Mobile) +86 4001200029 (Netcom, Telecom and China Mobile) Colombia 018009440105 Costa Rica 08000440080 Cyprus 80092424 Czech Republic 800142864 239014112 +420 239014112 Denmark 80889478 43682063 +45 43682063 Dominican Republic 18888038749 Ecuador 8009887511 (Click here for access code to dial before dialing number) Egypt 08000000271 Egypt 8885409783 (Click here for access code to dial before dialing number) Estonia 8000044320 Finland 0800919478 0972519186 +358 972519186 France 0805540147 0157323313 +33 157323313 Germany 08006646745 06950985552 +49 6950985552 Ghana 217013261 +233 217013261 Greece 0080044145248 Grenada 18009881111 Honduras 8009887511 (Click here for access code to dial before dialing number) Hong Kong 800930871 30114650 +852 30114650 Hungary 0680016578 0617779141 +36 17779141 Iceland 8008880 India 0008004401562 India 8006981070 (Click here for access code to dial before dialing number) Indonesia 001803441067 Ireland 1800882434 012420715 +353 12420715 Israel 1809440999 Italy 800871598 0291483215 +39 0291483215 Jamaica 18009881120 Japan 0120925830 0357679520 +81 357679520 Jordan 8009887511 (Click here for access code to dial before dialing number) Latvia 80002944 Lithuania 880030687 Luxembourg 80024059 24871035 +352 24871035 Malaysia 1800814162 0362074117 +60 362074117 Mexico 018005630627 Netherlands 08000201642 0202008462 +31 202008462 New Zealand 0800991168 099164905 +64 99164905 Norway 80010740 24159766 +47 24159766 Panama 008000441121 Peru 080053571 Poland 008004421075 0223060053 +48 223060053 Portugal 800844676 217616089 +351 217616089 Romania 0800894796 Russia 81080022381044 84992722055 +7 4992722055 Saudi Arabia 8008444687 Singapore 8004481568 66221240 +65 66221240 South Africa 0800166372 South Korea 007984420995 0234837092 +82 234837092 Spain 900811826 912754650 +34 912754650 Sweden 020790087 0851761388 +46 851761388 Switzerland 0800562306 0445118108 +41 445118108 Taiwan 00801444395 0221621838 +886 221621838 Thailand 0018004411019 Turkey 00800448829160 Turkey 8885409783 (Click here for access code to dial before dialing number) United Arab Emirates 80004414961 United Kingdom 08001214662 02030249140 +44 2030249140 United States 8886433084 18572074204 +1 8572074204 Venezuela 08001766485 _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf