Hi,The intent of this draft was to address all WGLC comments. I hope that we have. One major change based on Joe's comments:
We moved from enums to identities in one case. In doing so we pulled out support for openc2, because it can easily be added back in later.
Jean Camp asked for an archive node, so we added that. Please check my work. Eliot On 01.09.22 14:02, [email protected] wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Operations and Management Area Working Group
WG of the IETF.
Title : Discovering and Retrieving Software Transparency and
Vulnerability Information
Authors : Eliot Lear
Scott Rose
Filename : draft-ietf-opsawg-sbom-access-06.txt
Pages : 21
Date : 2022-09-01
Abstract:
To improve cybersecurity posture, automation is necessary to locate
what software is running on a device, whether that software has known
vulnerabilities, and what, if any recommendations suppliers may have.
This memo specifies a model to provide access to this information.
It may optionally be discovered through manufacturer usage
descriptions.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-opsawg-sbom-access/
There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-sbom-access-06
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-opsawg-sbom-access-06
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
OPSAWG mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsawg
OpenPGP_0x87B66B46D9D27A33.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
