All Thanks for all the feedback on this document. We chairs understand there are some questions around privacy considerations.
However, there was no comments on DNSOP adopting this work to resolve those issues. The document can go to the Independent Stream Editor and we can point them to this email thread as something that can be addressed. Authors should fill free to submit to the ISE. We will alert them as well tim On Fri, Jun 23, 2023 at 4:18 PM Tim Wicinski <[email protected]> wrote: > > All > > Draft-dulaunoy-dnsop-passive-dns-cof was originally submitted back in > 2014, and has had 10 revisions since then. > > https://datatracker.ietf.org/doc/draft-dulaunoy-dnsop-passive-dns-cof/ > > Note that the format is now fixed, and there are several implementations. > > We had asked DNSOP (in the poll we held)to help us assess the level of > interest in it, and the responses largely put it moderately high ("Adopt, > but not now"). It would be helpful to find out if this is still the case, > as things have progressed since then: the format is now widely used, and so > the format itself is basically fixed. As an example, the format is being > used within the US government agencies for event logging and incident > response[0]. > > > One of two things could happen: > > 1: DNSOP decides that they are really interested, adopts and improves the > justification / operational / supporting text, and the draft gets published > as an IETF RFC; or > > > 2: DNSOP says "No thanks, but we don't actively object". In which case the > ISE (and Warren!) has a much easier time explaining why it's being > published as an RFC on the Independent stream. . We will also ask for a DNS > Directorate review. > > > Feedback Welcome > > tim > > [0]: Because the draft had expired, and the USG cannot (realistically) > point at expired IDs, they had to copy and paste it into an internal > document: > https://www.whitehouse.gov/wp-content/uploads/2021/08/M-21-31-Improving-the-Federal-Governments-Investigative-and-Remediation-Capabilities-Related-to-Cybersecurity-Incidents.pdf > Page 15 is the table where they defined the Passive DNS Log fields. >
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
