{"draft":"draft-ietf-sacm-coswid-24","doc_id":"RFC9393","title":"Concise Software Identification Tags","authors":["H. Birkholz","J. Fitzgerald-McKay","C. Schmidt","D. Waltermire"],"format":["HTML","TEXT","PDF","XML"],"page_count":"61","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Security Automation and Continuous Monitoring","abstract":"ISO\/IEC 19770-2:2015 Software Identification (SWID) tags provide an\r\nextensible XML-based structure to identify and describe individual\r\nsoftware components, patches, and installation bundles. SWID tag\r\nrepresentations can be too large for devices with network and storage\r\nconstraints. This document defines a concise representation of SWID\r\ntags: Concise SWID (CoSWID) tags. CoSWID supports a set of semantics\r\nand features that are similar to those for SWID tags, as well as new\r\nsemantics that allow CoSWIDs to describe additional types of\r\ninformation, all in a more memory-efficient format.","pub_date":"June 2023","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9393","errata_url":null}