http://www.rfc-editor.org/rfc/rfc5901.txt
RFC 5901: Extensions to the IODEF-Document Class for Reporting Phishing, P. Cain, D. Jevans2010-07-01T23:00:00-00:00This document extends the Incident Object Description Exchange Format (IODEF) defined in RFC 5070 to support the reporting of phishing events, which is a particular type of fraud. These extensions are flexible enough to support information gleaned from activities throughout the entire electronic fraud cycle -- from receipt of the phishing lure to the disablement of the collection site. Both simple reporting and complete forensic reporting are possible, as is consolidating multiple incidents. [STANDARDS-TRACK]