RFC 7495

Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF), March 2015

Canonical URL:
File formats:
Plain TextPDF
A. Montville
D. Black
mile (sec)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC7495

Discuss this RFC: Send questions or comments to mile@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


The Incident Object Description Exchange Format (IODEF) is an XML data representation framework for sharing information about computer security incidents. In IODEF, the Reference class provides references to externally specified information such as a vulnerability, Intrusion Detection System (IDS) alert, malware sample, advisory, or attack technique. In practice, these references are based on external enumeration specifications that define both the enumeration format and the specific enumeration values, but the IODEF Reference class (as specified in IODEF v1 in RFC 5070) does not indicate how to include both of these important pieces of information. This document establishes a stand-alone data format to include both the external specification and specific enumeration identification value, and establishes an IANA registry to manage external enumeration specifications. While this document does not update IODEF v1, this enumeration reference format is used in IODEF v2 and is applicable to other formats that support this class of enumeration references.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

Download PDF Reader

Search RFCs
Advanced Search