Message info
To:Martin, Robert A. From:Waltermire, David A. Subject:Re: [mile] Adoption of draft-trammell-mile-iodef-xmlreg-01 as a MILE WG item Date:Thu, 29 Mar 2012 02:48:17 -0400

I am also in favor of this draft.

I like the idea of addressing simple id formats in addition to XML formats. I see three data points that are relevant to references using simple ids.

1) The type of the id - A name that indicates the format of the identifier as a pointer into the registry for simple id formats. This could be a simple label (e.g. CVE, CVE-1) similar to the schema name in the RID IANA registery for XML schemas.

In addition to the "id name", the registry could contain a reference to a RFC that describes the format(s) of each simple identifier type.

2) The id instance in the population - For example: CVE-2012-1907.

3) References to resources that present information about the issue related to the identifier. In the case of a CVE this could be a reference to a vulnerability database or other sources of information (e.g. content repositories, etc.)

An IODEF reference using this format could look like:

<description>A pointer to CVE-2012-1907.</description>

From: [] On Behalf Of Martin, Robert A. []
Sent: Wednesday, March 28, 2012 2:41 PM
Subject: Re: [mile] Adoption of draft-trammell-mile-iodef-xmlreg-01 as a MILE WG item

I agree that this topic should be adopted as a work item.

One thought I would offer is to consider whether we should be
restricting it to just registries of XML Namespaces and Schemas or
should we consider adding other formats/structures of relavent security
information within this work like simple id-based registries?



On 3/28/12 8:25 AM, wrote:
> Hello,
> At the MILE WG meeting yesterday, there was consensus in the room to adopt draft-trammell-mile-iodef-xmlreg-01 as a working group item. I would like to confirm this consensus call on the list; if anyone has additional objections or comments about the adoption of this draft, please let them be known on the list by next Tuesday.
> Thank you!
> Kathleen
> _______________________________________________
> mile mailing list
mile mailing list
mile mailing list