{"draft":"draft-ietf-mile-enum-reference-format-14","doc_id":"RFC7495","title":"Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF)","authors":["A. Montville","D. Black"],"format":["ASCII","HTML"],"page_count":"10","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Managed Incident Lightweight Exchange","abstract":"The Incident Object Description Exchange Format (IODEF) is an XML data\r\nrepresentation framework for sharing information about computer security\r\nincidents.  In IODEF, the Reference class provides references to externally\r\nspecified information such as a vulnerability, Intrusion Detection System\r\n(IDS) alert, malware sample, advisory, or attack technique.  In practice,\r\nthese references are based on external enumeration specifications that define\r\nboth the enumeration format and the specific enumeration values, but the IODEF\r\nReference class (as specified in IODEF v1 in RFC 5070) does not indicate how\r\nto include both of these important pieces of information.\r\n\r\nThis document establishes a stand-alone data format to include both the\r\nexternal specification and specific enumeration identification value, and\r\nestablishes an IANA registry to manage external enumeration specifications.\r\nWhile this document does not update IODEF v1, this enumeration reference\r\nformat is used in IODEF v2 and is applicable to other formats that support\r\nthis class of enumeration references.","pub_date":"March 2015","keywords":["IODEF","Incident","Reference","Enumeration","Format"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7495","errata_url":null}