Following my short info in the OPSAWG/OPSAREA meeting yesterday - the I-D that I was mentioning is http://datatracker.ietf.org/doc/draft-coffin-sacm-vuln-scenario/. It describes the vulnerability assessment scenario and the concept of vulnerability reports which the SACM WG is considering as useful to baseline requirements and use as a reference use case for the work in the current (first) phase of the SACM work.
We would appreciate one or even more review from the OPSEC and OPSAWG community. We are interested especially whether the use case and process described in this I-D fits the way vulnerability assessment and reports are being seen by operators in their daily activities. Thanks and Regards, Dan
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
