RFC Errata
Found 1 record.
Status: Held for Document Update (1)
RFC 5070, "The Incident Object Description Exchange Format", December 2007
Note: This RFC has been obsoleted by RFC 7970
Note: This RFC has been updated by RFC 6685
Source of RFC: inch (sec)
Errata ID: 3333
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Youki Kadobayashi
Date Reported: 2012-09-02
Held for Document Update by: Sean Turner
Date Held: 2012-09-06
As this report involves a number of sections, original texts are also referred to in the Corrected Text below.
It should say:
#1, IncidentID includes a default value for the restriction attribute of "default" in the schema. The specification description is updated as follows to correct the discrepancy. Section 3.3, IncidentID: Change from: " restriction Optional. ENUM. This attribute has been defined in Section 3.2." To: " restriction Optional. ENUM. This attribute has been defined in Section 3.2. The default value is "public". #2, In section 3.5, the UML diagram does not match the text description or schema for the minOccurs value. It should be set to "1". The diagram should be changed from: " +------------------+ | RelatedActivity | +------------------+ | ENUM restriction |<>--{0..*}--[ IncidentID ] | |<>--{0..*}--[ URL ] +------------------+ Figure 5: RelatedActivity Class" To: " +------------------+ | RelatedActivity | +------------------+ | ENUM restriction |<>--{1..*}--[ IncidentID ] | |<>--{1..*}--[ URL ] +------------------+ Figure 5: RelatedActivity Class" #3, Section 3.7.1, lists the attribute "registry" as "Required." The default value is not specified in the schema as local, therefore the description is updated to match. To match the schema, the definition is changed as follows: From: " registry Required. ENUM. The database to which the handle belongs. The default value is 'local'. The possible values are:" To: " registry Optional. ENUM. The database to which the handle belongs. The possible values are:" #4, Section 3.7.2, PostalAddress Class leverages the schema definition for MLStringType to include the "lang" attribute. The MLStringType has this attribute as Optional. The specification definition is updated as follows to correct the issue. Change from: " lang Required. ENUM. A valid language code per RFC 4646 [7] constrained by the definition of "xs:language". The interpretation of this code is described in Section 6." To: " lang Optional. ENUM. A valid language code per RFC 4646 [7] constrained by the definition of "xs:language". The interpretation of this code is described in Section 6." #5, Section 3.11, the "restriction" attribute of the History Class includes a default value of "default" in the schema. As such, the specification definition is updated as follows. Change from: " restriction Optional. ENUM. This attribute is defined in Section 3.2." To: " restriction Optional. ENUM. This attribute is defined in Section 3.2. The default value is "default". #6, Section 3.13, the "restriction" attribute of the Expectation Class includes a default value of "default" in the schema. As such, the specification definition is updated as follows. Change from: " restriction Optional. ENUM. This attribute is defined in Section 3.2." To: " restriction Optional. ENUM. This attribute is defined in Section 3.2. The default value is "default". #7, Section 3.13, the "action" attribute of the Expectation Class includes a default value of "other" in the schema. As such, the specification definition is updated as follows. Change from: " action Optional. ENUM. Classifies the type of action requested. This attribute is an enumerated list with no default value." To: " action Optional. ENUM. Classifies the type of action requested. This attribute is an enumerated list with a default value of "other"." #8, removed - placeholder to retain original numbering #9, Section 3.10, a default value is specified for the "occurrence" attribute specification definition, but is not included in the schema. The text in the specification is removed as follows to correct the discrepancy. Change from: " occurrence Optional. ENUM. Specifies whether the assessment is describing actual or potential outcomes. The default is "actual" and is assumed if not specified." To: " occurrence Optional. ENUM. Specifies whether the assessment is describing actual or potential outcomes." #10, Section 3.10.1, Impact Class leverages the schema definition for MLStringType to include the "lang" attribute. The MLStringType has this attribute as Optional. The specification definition is updated as follows to correct the issue. Change from: " lang Required. ENUM. A valid language code per RFC 4646 [7] constrained by the definition of "xs:language". The interpretation of this code is described in Section 6." To: " lang Optional. ENUM. A valid language code per RFC 4646 [7] constrained by the definition of "xs:language". The interpretation of this code is described in Section 6." #11, Section 3.10.1, Impact Class definition for the attribute type requires updating to match the schema listing of this attribute as "Optional". The attribute includes a default value in the schema that should match the specification text. Change from: " type Required. ENUM. Classifies the malicious activity into incident categories. The permitted values are shown below. The default value is "other"." To: " type Optional. ENUM. Classifies the malicious activity into incident categories. The permitted values are shown below. The default value is "unknown"." #12, Section 3.10.2, TimeImpact Class is inconsistent with the schema definition for the "duration" attribute. The specification definition is updated as follows to resolve the issue. Change from: " duration Required. ENUM. Defines a unit of time, that when combined with the metric attribute, fully describes a metric of impact that will be conveyed in the element content. The permitted values are shown below. The default value is "hour"." To: " duration Optional. ENUM. Defines a unit of time, that when combined with the metric attribute, fully describes a metric of impact that will be conveyed in the element content. The permitted values are shown below. The default value is "hour"." #13, Section 3.10.3, MonetaryImpact Class: "currency" attribute is inconsistent with the schema and the definition is updated as follows to correct the issue. Change from: " currency Required. STRING. Defines the currency in which the monetary impact is expressed. The permitted values are defined in ISO 4217:2001, Codes for the representation of currencies and funds [14]. There is no default value." To: " currency Optional. STRING. Defines the currency in which the monetary impact is expressed. The permitted values are defined in ISO 4217:2001, Codes for the representation of currencies and funds [14]. There is no default value." #14, Section 3.10.4 Confidence Class needs a definition for the enumeration value of "unknown" to be consistent with the schema. Change from: " rating Required. ENUM. A rating of the analytical validity of the specified Assessment. The permitted values are shown below. There is no default value. 1. low. Low confidence in the validity. 2. medium. Medium confidence in the validity. 3. high. High confidence in the validity. 4. numeric. The element content contains a number that conveys the confidence of the data. The semantics of this number outside the scope of this specification." To: " rating Required. ENUM. A rating of the analytical validity of the specified Assessment. The permitted values are shown below. There is no default value. 1. low. Low confidence in the validity. 2. medium. Medium confidence in the validity. 3. high. High confidence in the validity. 4. numeric. The element content contains a number that conveys the confidence of the data. The semantics of this number outside the scope of this specification. 5. unknown. The confidence rating value is not known." #15, Section 3.12, in the EventData Class, the "restriction" attribute includes a default value of "default" in the schema. As such, the specification definition is updated as follows. Change from: " restriction Optional. ENUM. This attribute is defined in Section 3.2." To: " restriction Optional. ENUM. This attribute is defined in Section 3.2. The default value is "default". #16, Section 3.15 System Class requires an update to the specification description to match the UML and schema definition for the Operating System" element as follows. Change from: " OperatingSystem Zero or one. The operating system running on the system." To: " OperatingSystem Zero or more. The operating system running on the system." #17, Section 3.15, in the System Class, the attribute "category" is listed in the schema as Optional, so the definition in the specification requires updating as follows. Change from: " category Required. ENUM. Classifies the role the host or network played in the incident. The possible values are:" To: " category Optional. ENUM. Classifies the role the host or network played in the incident. The possible values are:" For #18, Section 3.16.2, in the Address Class, the attribute "category" is listed in the schema as Optional, so the definition in the specification requires updating as follows. Change from: " category Required. ENUM. Classifies the role the host or network played in the incident. The possible values are:" To: " category Optional. ENUM. Classifies the role the host or network played in the incident. The possible values are:" For #19, Section 3.16.3, NodeRole Class leverages the schema definition for MLStringType to include the "lang" attribute. The MLStringType has this attribute as Optional. The specification definition is updated as follows to correct the issue. Change from: " lang Required. ENUM. A valid language code per RFC 4646 [7] constrained by the definition of "xs:language". The interpretation of this code is described in Section 6." To: " lang Optional. ENUM. A valid language code per RFC 4646 [7] constrained by the definition of "xs:language". The interpretation of this code is described in Section 6." #20, Section 3.17 the Service Class attribute of "Application" specification description does not match the UML or schema. The following update corrects the issue. Change from: " Application Zero or more. The application bound to the specified Port or Portlist." To: " Application Zero or one. The application bound to the specified Port or Portlist." #21, Section 3.17 Service Class, the UML diagram and text does not match the schema for the ProtoField element. Change from: " ProtoFlags Zero or one. INTEGER. A layer-4 protocol specific flag field." To: " ProtoField Zero or one. INTEGER. A layer-4 protocol specific flag field." AND update the UML diagram from: " +---------------------+ | Service | +---------------------+ | INTEGER ip_protocol |<>--{0..1}--[ Port ] | |<>--{0..1}--[ Portlist ] | |<>--{0..1}--[ ProtoCode ] | |<>--{0..1}--[ ProtoType ] | |<>--{0..1}--[ ProtoFlags ] | |<>--{0..1}--[ Application ] +---------------------+ Figure 31: The Service Class" To: " +---------------------+ | Service | +---------------------+ | INTEGER ip_protocol |<>--{0..1}--[ Port ] | |<>--{0..1}--[ Portlist ] | |<>--{0..1}--[ ProtoCode ] | |<>--{0..1}--[ ProtoType ] | |<>--{0..1}--[ ProtoField ] | |<>--{0..1}--[ Application ] +---------------------+ Figure 31: The Service Class" #22, Section 3.19.1 RecordData Class: the AdditionalData element's specification definition does not match the UML diagram or the schema and is updated as follows to correct the issue. Change from: " AdditionalData Zero or one. An extension mechanism for data not explicitly represented in the data model." To: " AdditionalData Zero or more. An extension mechanism for data not explicitly represented in the data model." #23, Section 3.19.2, page 53: the definition of offsetunit should be changed to match the schema from: " offsetunit Optional. ENUM. Describes the units of the offset attribute. The default is "line". 1. line. Offset is a count of lines. 2. binary. Offset is a count of bytes. 3. ext-value. An escape value used to extend this attribute. See Section 5.1." To: " offsetunit Optional. ENUM. Describes the units of the offset attribute. The default is "line". 1. line. Offset is a count of lines. 2. byte. Offset is a count of bytes. 3. ext-value. An escape value used to extend this attribute. See Section 5.1." #24, Section 3.17.1 Application Class: for the definition for "swid", add "default="0"" to the definition to match the schema. Change from: " swid Optional. STRING. An identifier that can be used to reference this software." To: " swid Optional. STRING. An identifier that can be used to reference this software, where the default value is "0"." #25, Section 3.17.1 Application Class: the definition for the attribute "configid" requires updating to include a default value as is included in the schema. Change from: " configid Optional. STRING. An identifier that can be used to reference a particular configuration of this software." To: " configid Optional. STRING. An identifier that can be used to reference a particular configuration of this software, where the default value is "0"."
Notes:
In each of the listed corrections, the schema is preferred as correct wherever possible for the updates provided. The assumption is that most existing implementations would have preferred the schema definition over the text descriptions or UML diagrams.
SPT: I removed #8 because it's a schema change and edited #17 at the request of the submitters.