draft-ietf-mile-rolie-06.txt   draft-ietf-mile-rolie-07.txt 
MILE Working Group J. Field MILE Working Group J. Field
Internet-Draft Pivotal Internet-Draft Pivotal
Intended status: Standards Track S. Banghart Intended status: Standards Track S. Banghart
Expires: September 14, 2017 D. Waltermire Expires: November 25, 2017 D. Waltermire
NIST NIST
March 13, 2017 May 24, 2017
Resource-Oriented Lightweight Information Exchange Resource-Oriented Lightweight Information Exchange
draft-ietf-mile-rolie-06 draft-ietf-mile-rolie-07
Abstract Abstract
This document defines a resource-oriented approach for security This document defines a resource-oriented approach for security
automation information publication, discovery, and sharing. Using automation information publication, discovery, and sharing. Using
this approach, producers may publish, share, and exchange this approach, producers may publish, share, and exchange
representations of security incidents, attack indicators, software representations of software descriptors, security incidents, attack
vulnerabilities, configuration checklists, and other security indicators, software vulnerabilities, configuration checklists, and
automation information as Web-addressable resources. Furthermore, other security automation information as web-addressable resources.
consumers and other stakeholders may access and search this security Furthermore, consumers and other stakeholders may access and search
information as needed, establishing a rapid and on-demand information this security information as needed, establishing a rapid and on-
exchange network for restricted internal use or public access demand information exchange network for restricted internal use or
repositories. This specification extends the Atom Publishing public access repositories. This specification extends the Atom
Protocol and Atom Syndication Format to transport and share security Publishing Protocol and Atom Syndication Format to transport and
automation resource representations. share security automation resource representations.
Contributing to this document Contributing to this document
The source for this draft is being maintained on GitHub. Suggested The source for this draft is being maintained on GitHub. Suggested
changes should be submitted as pull requests at changes should be submitted as pull requests at
<https://github.com/CISecurity/ROLIE>. Instructions are on that page <https://github.com/CISecurity/ROLIE>. Instructions are on that page
as well. Editorial changes can be managed in GitHub, but any as well. Editorial changes can be managed in GitHub, but any
substantial issues need to be discussed on the MILE mailing list. substantial issues need to be discussed on the MILE mailing list.
Status of This Memo Status of This Memo
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 14, 2017. This Internet-Draft will expire on November 25, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 29 skipping to change at page 2, line 29
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. XML-related Conventions . . . . . . . . . . . . . . . . . . . 4 3. XML-related Conventions . . . . . . . . . . . . . . . . . . . 4
3.1. XML Namespaces . . . . . . . . . . . . . . . . . . . . . 4 3.1. XML Namespaces . . . . . . . . . . . . . . . . . . . . . 4
3.2. RELAX NG Compact Schema . . . . . . . . . . . . . . . . . 5 3.2. RELAX NG Compact Schema . . . . . . . . . . . . . . . . . 5
4. Background and Motivation . . . . . . . . . . . . . . . . . . 5 4. Background and Motivation . . . . . . . . . . . . . . . . . . 5
4.1. Proactive Sharing . . . . . . . . . . . . . . . . . . . . 5 5. ROLIE Requirements for the Atom Publishing Protocol . . . . . 6
4.2. Knowledge Aggregation . . . . . . . . . . . . . . . . . . 6
4.3. Resource-oriented Architecture . . . . . . . . . . . . . 6
5. ROLIE Requirements for the Atom Publishing Protocol . . . . . 7
5.1. AtomPub Service Documents . . . . . . . . . . . . . . . . 7 5.1. AtomPub Service Documents . . . . . . . . . . . . . . . . 7
5.1.1. Use of the "app:workspace" Element . . . . . . . . . 8 5.1.1. Use of the "app:workspace" Element . . . . . . . . . 7
5.1.2. Use of the "app:collection" Element . . . . . . . . . 8 5.1.2. Use of the "app:collection" Element . . . . . . . . . 8
5.1.3. Service Discovery . . . . . . . . . . . . . . . . . . 9 5.1.3. Service Discovery . . . . . . . . . . . . . . . . . . 9
5.2. AtomPub Category Documents . . . . . . . . . . . . . . . 10 5.2. AtomPub Category Documents . . . . . . . . . . . . . . . 9
5.3. Transport Layer Security . . . . . . . . . . . . . . . . 10 5.3. Transport Layer Security . . . . . . . . . . . . . . . . 10
5.4. User Authentication and Authorization . . . . . . . . . . 11 5.4. User Authentication and Authorization . . . . . . . . . . 11
5.5. / (forward slash) Resource URL . . . . . . . . . . . . . 12 5.5. / (forward slash) Resource URL . . . . . . . . . . . . . 11
5.6. HTTP methods . . . . . . . . . . . . . . . . . . . . . . 12 5.6. HTTP methods . . . . . . . . . . . . . . . . . . . . . . 11
6. ROLIE Requirements for the Atom Syndication Format . . . . . 12 6. ROLIE Requirements for the Atom Syndication Format . . . . . 12
6.1. Use of the "atom:feed" element . . . . . . . . . . . . . 12 6.1. Use of the "atom:feed" element . . . . . . . . . . . . . 12
6.1.1. Use of the "atom:category" Element . . . . . . . . . 13 6.1.1. Use of the "atom:category" Element . . . . . . . . . 13
6.1.2. Use of the "atom:link" Element . . . . . . . . . . . 14 6.1.2. Use of the "atom:link" Element . . . . . . . . . . . 14
6.1.3. Use of the "atom:updated" Element . . . . . . . . . . 15 6.1.3. Use of the "atom:updated" Element . . . . . . . . . . 15
6.2. Use of the "atom:entry" Element . . . . . . . . . . . . 16 6.2. Use of the "atom:entry" Element . . . . . . . . . . . . 15
6.2.1. Use of the "atom:content" Element . . . . . . . . . . 16 6.2.1. Use of the "atom:content" Element . . . . . . . . . . 16
6.2.2. Use of the "atom:link" Element . . . . . . . . . . . 17 6.2.2. Use of the "atom:link" Element . . . . . . . . . . . 16
6.2.3. Use of the "rolie:format" Element . . . . . . . . . . 17 6.2.3. Use of the "rolie:format" Element . . . . . . . . . . 17
6.2.4. Use of the rolie:property Element . . . . . . . . . . 18 6.2.4. Use of the rolie:property Element . . . . . . . . . . 18
6.2.5. Requirements for a Standalone Entry . . . . . . . . . 19 6.2.5. Requirements for a Standalone Entry . . . . . . . . . 19
7. Available Extension Points Provided by ROLIE . . . . . . . . 19 7. Available Extension Points Provided by ROLIE . . . . . . . . 19
7.1. The Category Extension Point . . . . . . . . . . . . . . 20 7.1. The Category Extension Point . . . . . . . . . . . . . . 20
7.1.1. General Use of the "atom:category" Element . . . . . 20 7.1.1. General Use of the "atom:category" Element . . . . . 20
7.1.2. Identification of Security Automation Information 7.1.2. Identification of Security Automation Information
Types . . . . . . . . . . . . . . . . . . . . . . . . 21 Types . . . . . . . . . . . . . . . . . . . . . . . . 21
7.2. The "rolie:format" Extension Point . . . . . . . . . . . 22 7.2. The "rolie:format" Extension Point . . . . . . . . . . . 22
7.3. The Link Relation Extension Point . . . . . . . . . . . . 22 7.3. The Link Relation Extension Point . . . . . . . . . . . . 22
7.4. The "rolie:property" Extension Point . . . . . . . . . . 23 7.4. The "rolie:property" Extension Point . . . . . . . . . . 23
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
8.1. XML Namespaces and Schema URNs . . . . . . . . . . . . . 23 8.1. XML Namespaces and Schema URNs . . . . . . . . . . . . . 23
8.2. ROLIE URN Sub-namespace . . . . . . . . . . . . . . . . . 23 8.2. ROLIE URN Sub-namespace . . . . . . . . . . . . . . . . . 24
8.3. ROLIE URN Parameters . . . . . . . . . . . . . . . . . . 24 8.3. ROLIE URN Parameters . . . . . . . . . . . . . . . . . . 24
8.4. ROLIE Security Resource Information Type Sub-Registry . . 25 8.4. ROLIE Security Resource Information Type Sub-Registry . . 26
9. Security Considerations . . . . . . . . . . . . . . . . . . . 26 8.5. Well-Known URI Registrations . . . . . . . . . . . . . . 27
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 28 9. Security Considerations . . . . . . . . . . . . . . . . . . . 27
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 28 10. Privacy Considerations . . . . . . . . . . . . . . . . . . . 29
11.1. Normative References . . . . . . . . . . . . . . . . . . 28 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30
11.2. Informative References . . . . . . . . . . . . . . . . . 30 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 30
11.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 31 12.1. Normative References . . . . . . . . . . . . . . . . . . 30
Appendix A. Relax NG Compact Schema for ROLIE . . . . . . . . . 31 12.2. Informative References . . . . . . . . . . . . . . . . . 32
Appendix B. Examples of Use . . . . . . . . . . . . . . . . . . 32 12.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 33
B.1. Service Discovery . . . . . . . . . . . . . . . . . . . . 32 Appendix A. Relax NG Compact Schema for ROLIE . . . . . . . . . 33
B.2. Feed Retrieval . . . . . . . . . . . . . . . . . . . . . 35 Appendix B. Examples of Use . . . . . . . . . . . . . . . . . . 34
B.3. Entry Retrieval . . . . . . . . . . . . . . . . . . . . . 37 B.1. Service Discovery . . . . . . . . . . . . . . . . . . . . 34
Appendix C. Change History . . . . . . . . . . . . . . . . . . . 38 B.2. Feed Retrieval . . . . . . . . . . . . . . . . . . . . . 37
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 40 B.3. Entry Retrieval . . . . . . . . . . . . . . . . . . . . . 39
Appendix C. Change History . . . . . . . . . . . . . . . . . . . 40
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
1. Introduction 1. Introduction
This document defines a resource-oriented approach to security This document defines a resource-oriented approach to security
automation information sharing that follows the REST (Architectural S automation information sharing that follows the Representational
tyles and the Design of Network-based Software Architectures) State Transfer (REST) architectural style [REST]. In this approach,
architectural style. In this approach, computer security resources computer security resources are maintained in web-accessible
are maintained in web-accessible repositories structured as Atom repositories structured as Atom Syndication Format [RFC4287] Feeds.
Syndication Format [RFC4287] Feeds. Representations of specific Within a given Feed, which may be requested by the consumer,
types of security automation information are categorized and representations of specific types of security automation information
organized into indexed Collections which may be requested by the are organized, categorized, and described. Furthermore, all
consumer. As the set of resource Collections are forward facing, the collections available to a given user are discoverable, allowing the
consumer may search all available content for which they are consumer to search all available content they are authorized to view,
authorized to view, and request the information resources which are and to locate and request the desired information resources. Through
desired. Through use of granular authentication and access controls, use of granular authentication and access controls, only authorized
only authorized consumers may be permitted the ability to read or consumers may be permitted the ability to read or write to a given
write to a given Feed. This approach is in contrast to, and meant to Feed.
improve on, the traditional point-to-point messaging system, in which
consumers must request individual pieces of information from a server
following a triggering event. The point-to-point approach creates a
closed system of information sharing that encourages duplication of
effort and hinders automated security systems.
The goal of this document is to define a RESTful approach to security The goal of this approach is to increase the communication and
information communication with two primary intents: 1) increasing sharing of security information between providers and consumers that
communication and sharing of incident reports, vulnerability can be used to automate security processes (e.g., incident reports,
assessments, configuration checklists, and other security automation vulnerability assessments, configuration checklists, and other
information between providers and consumers; and 2) establishing a security automation information). Such sharing allows human
standardized communication system to support automated computer operators and computer systems to leverage this standardized
security systems. communication system to gather information that supports the
automation of security processes.
In order to deal with the great variety in security automation In for new types of security automation information and associated
information types and associated resource representations, this resource representations to be shared over time, this specification
specification defines extension points that can be used to add defines extension points that can be used to add support for new
support for new information types and associated resource information types and associated resource representations by means of
representations by means of additional supplementary specification additional supplementary specification documents. Sections 5 and 6
documents. This primary document is resource representation of this document define the core requirements of all implementations
agnostic, and defines the core requirements of all implementations. of this specification, and is resource representation agnostic. An
An overview of the extension system is provided in Section 7.Those overview of the extension system is provided in Section 7.
seeking to provide support for specific security automation Implementers seeking to provide support for specific security
information types should refer to the specification for that domain automation information types should refer to the specification for
described by the IANA registry found in section 8.4. that domain described by the IANA registry found in section 8.4.
2. Terminology 2. Terminology
The key words "MUST," "MUST NOT," "REQUIRED," "SHALL," "SHALL NOT," The key words "MUST," "MUST NOT," "REQUIRED," "SHALL," "SHALL NOT,"
"SHOULD," "SHOULD NOT," "RECOMMENDED," "MAY," and "OPTIONAL" in this "SHOULD," "SHOULD NOT," "RECOMMENDED," "MAY," and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
The previous key words are used in this document to define the
conformance requirements for implementations of this specification.
This document does not give any recommendations for the use of ROLIE,
it only provides conformance requirements for implementations of this
specification.
Definitions for some of the common computer security-related Definitions for some of the common computer security-related
terminology used in this document can be found in Section 2 of terminology used in this document can be found in Section 2 of
[RFC7970]. [RFC7970].
The following terms are unqiue to this specification: The following terms are unique to this specification:
Information Type A class of security automation information, having Information Type A class of security automation information having
an associated data model, that is the subject of a security one or more associated data models. Often such security
process that can be automated. See section 7.1.2 for more automation information is used in the automation of a security
information. process. See section 7.1.2 for more information.
3. XML-related Conventions 3. XML-related Conventions
3.1. XML Namespaces 3.1. XML Namespaces
This specification uses XML Namespaces [W3C.REC-xml-names-20091208] This specification uses XML Namespaces [W3C.REC-xml-names-20091208]
to uniquely identify XML element names. It uses the following to uniquely identify XML element names. It uses the following
namespace prefix mappings for the indicated namespace URI: namespace prefix mappings for the indicated namespace URI:
"app" is used for the "http://www.w3.org/2007/app" namespace "app" is used for the "http://www.w3.org/2007/app" namespace
skipping to change at page 5, line 17 skipping to change at page 5, line 17
"atom" is used for the "http://www.w3.org/2005/Atom" namespace "atom" is used for the "http://www.w3.org/2005/Atom" namespace
defined in [RFC4287]. defined in [RFC4287].
"rolie" is used for the "urn:ietf:params:xml:ns:rolie:1.0" "rolie" is used for the "urn:ietf:params:xml:ns:rolie:1.0"
namespace defined in section 8.1 of this specification. namespace defined in section 8.1 of this specification.
3.2. RELAX NG Compact Schema 3.2. RELAX NG Compact Schema
Some sections of this specification are illustrated with fragments of Some sections of this specification are illustrated with fragments of
a non-normative RELAX NG Compact schema [relax-NG]. However, the a non-normative RELAX NG Compact schema [relax-NG]. The text of this
text of this specification provides the definition of conformance. specification provides the definition of conformance. Schema for the
Schema for the "http://www.w3.org/2007/app" and "http://www.w3.org/2007/app" and "http://www.w3.org/2005/Atom"
"http://www.w3.org/2005/Atom" namespaces appear in RFC5023 appendix B namespaces appear in RFC5023 appendix B [RFC5023] and RFC4287
[RFC5023] and RFC4287 appendix B [RFC4287] respectively. appendix B [RFC4287] respectively.
A complete RELAX NG Compact Schema for the new elements introduced by A complete informative RELAX NG Compact Schema for the new elements
ROLIE is provided in Appendix A. introduced by ROLIE is provided in Appendix A.
4. Background and Motivation 4. Background and Motivation
Information sharing is one of the core components of automating In order to automate security process, tools need access to
security processes. Vulnerabilities, configurations, software sufficient sources of structured, security information that can be
identification, security incidents, and patching data are just a few used to drive security processes. Thus, security information sharing
of the classes of information that are shared today to enable is one of the core components of automating security processes.
effective security on a wide scale. However, as the scale of defense Vulnerabilities, configurations, software identification, security
broadens to sometimes global networks, and the inherent scaling incidents, and patch data are just a few of the classes of
issues of human-in-the-loop sharing become apparent, the need for information that are shared today to enable effective security on a
automation and machine-to-machine communication becomes apparent. wide scale. However, as the scale of defense broadens as networks
become larger and more complex, and the volume of information to
4.1. Proactive Sharing process makes humans-in-the-loop difficult to scale, the need for
automation and machine-to-machine communication becomes increasingly
Existing approaches to computer security information sharing often critical.
use message exchange patterns that are point-to-point. Sometimes,
information that may be useful to share with multiple peers is only
made available to peers after they have specifically requested it.
Unfortunately, a sharing peer may not know, a priori, what
information to request from another peer. Some existing systems
provide a mechanism for unsolicited information requests, however,
these reports are again sent point-to-point, and must be reviewed for
relevance and then prioritized for action by the recipient,
introducing additional latency.
In order to adequately combat evolving threats, computer security
information resource providers should be able to share selected
information proactively. Proactive sharing greatly aids knowledge
dissemination, and improves response times and usability by allowing
the consumer to choose which information is relevant to its needs.
For example, a security analyst can benefit by having the ability to
search a comprehensive collection of attack indicators that have been
published by a government agency, or by another member of a sharing
consortium. The representation of each indicator may include links
to the related resources, enabling an appropriately authenticated and
authorized analyst to freely navigate the information space of
indicators, incidents, vulnerabilities, and other computer security
domain concepts as needed. In this way, an analyst can more
effectively utilize the super set of information made publicly
available.
4.2. Knowledge Aggregation
Additionally, there is value in maintaining a repository of knowledge ROLIE seeks to address this need by providing three major information
that can be queried by a new consumer, allowing this consumer to sharing benefits:
identify and retrieve any information that is relevant to its needs.
In this way, the consumer can gain access to meaningful current and
historic information, catching up to the knowledge level of its
peers.
Consider the case of an automated endpoint management system Extensible information type categories and format agnosticism: ROLIE
attempting to proactively prevent software flaws and mis-configured is not bound to any given data format or category of information.
software from compromising the security of the affected systems. Instead, information categories are extensible, and entries
During its full network sweep, the endpoint monitoring system would declare the format of the referenced data. In cases where several
check each endpoint for outdated, vulnerable, and mis-configured formats or serializations are available, ROLIE can use link
software. This system would benefit from having access to not only relations to communicate how a consumer can access these formats.
the software vendor's list of vulnerabilities and configuration For example, clients may request that a given resource
baselines, but also similar information discovered by other security representation be returned as XML, JSON, or in some other format
researchers. An advanced system could even give back to this sharing or serialization. This approach allows the provider to support
consortium by sharing any relevant information discovered. multiple, compatible formats allowing the consumer to select the
most suitable version.
These capabilities support a federated collection of information Open and distributed information sharing: Using the Atom Publishing
repositories that can be queried and contributed to by an Protocol, ROLIE feeds can easily aggregate feeds and accept
organization, further supporting automated security solutions. information POSTed to them from other sources. Webs of
communicating ROLIE servers form ad-hoc sharing communities,
increasing data availability and the ability to correlate linked
data across sources for participating consumers. ROLIE servers
needn't be distributed however, as large ROLIE repositories can
function as a central or federated collections.
4.3. Resource-oriented Architecture Stateless communication model: ROLIE, as a RESTful system, is
stateless. That is, the server doesn't keep track of client
sessions, but rather uses link relations for state transitions.
In practice, this means that any consumer can find and share
information at any organizational level and at any time without
needing to execute a long series of requests.
Applying the REST architectural style to the problem domain of Information discovery and navigation: ROLIE provides a number of
security information sharing involves exposing information of any mechanisms to allow clients to programmtically discover and
relevant type as simple Web-addressable resources. Each provider navigate collections of information in order to dynamically
maintains their own repository of data, with public and private discover new or revised content. Extensible information types and
sections as needed. Any producer or consumer can then discover these other categories provide one way of determining content that is
repositories, search for relevant Feeds, and pull information from desirable. Link elements, each with a target URI and an
them. By using this approach, an organization can more quickly and established relationship type, provide a means for ROLIE providers
easily share relevant data representations with a much larger and to link other information that is relevant to the current entry or
potentially more diverse constituency. A consumer may leverage feed.
virtually any available HTTP user agent in order to make requests of
the service provider. This improved ease of use enables more rapid
adoption and broader participation, thereby improving security for
everyone.
A key aspect of any RESTful Web service is the ability to provide These benefits result in an information sharing protocol that is
multiple resource representations. For example, clients may request lightweight, interactive, open, and most importantly, machine
that a given resource representation be returned as XML, JSON, or in readable.
some other format. In order to enable backwards-compatibility and
interoperability with existing implementations, the RESTful approach
allows the provider to make differing formats available proactively,
allowing the consumer to simply select the version that best suits
them.
Finally, an important principle of the REST architectural style is The requirements in this specification are broken into two major
the focus on hypermedia as the engine of application state (HATEOAS). sections, extensions to the Atom Publishing Protocol (AtomPub)
Rather than the server maintaining conversational state for each [RFC5023], and extensions to the Atom Syndication Format [RFC4287].
client, the server will instead include a suitable set of hyperlinks All normative requirements in AtomPub and Atom Syndication are
in the resource representation that is returned to the client. The inherited from their respective specifications, and apply here unless
included hyperlinks provide the client with a specific set of the requirement is explicitly overridden in this document. In this
permitted state transitions. Using these links the client may way, this document may upgrade the requirement (e.g., make a SHOULD a
perform an operation, such as updating or deleting the resource MUST), but will never downgrade a given requirement (e.g., make a
representation. The client may also be provided with hypertext links MUST a SHOULD).
that can be used to navigate to any related resource. For example,
the resource representation for an object may contain links to the
related resource(s). In this way, the server remains stateless with
respect to a series of client requests.
5. ROLIE Requirements for the Atom Publishing Protocol 5. ROLIE Requirements for the Atom Publishing Protocol
This section describes a number of restrictions of and extensions to This section describes a number of restrictions of and extensions to
the Atom Publishing Protocol (AtomPub) [RFC5023] that define the use the Atom Publishing Protocol (AtomPub) [RFC5023] that define the use
of that protocol in the context of a ROLIE-based solution. The of that protocol in the context of a ROLIE-based solution. The
normative requirements in this section are generally oriented towards normative requirements in this section are generally oriented towards
client and server implementations. An understanding of the Atom client and server implementations. An understanding of the Atom
Publishing Protocol specification [RFC5023] is helpful to understand Publishing Protocol specification [RFC5023] is helpful to understand
the requirements in this section. the requirements in this section.
skipping to change at page 8, line 12 skipping to change at page 7, line 24
consists of one or more app:workspace elements that may each contain consists of one or more app:workspace elements that may each contain
a number of app:collection elements. a number of app:collection elements.
The general structure of a service document is as follows (from The general structure of a service document is as follows (from
RFC5023 section 4.2 [RFC5023]): RFC5023 section 4.2 [RFC5023]):
Service Service
o- Workspace o- Workspace
| | | |
| o- Collection | o- Collection
| | | | |
| o- IRI, categories, media types | | o- IRI, categories, media types
| |
| o- ...
| |
o- Workspace o- Workspace
| | |
o- Collection | o- Collection
| | | |
o- IRI, categories, media types | | o- IRI, categories, media types
| |
| o- ...
|
o- ...
5.1.1. Use of the "app:workspace" Element 5.1.1. Use of the "app:workspace" Element
In AtomPub, a Workspace, represented by the "app:workspace" element, In AtomPub, a Workspace, represented by the "app:workspace" element,
describes a group of one or more Collections. Building on the describes a group of one or more Collections. Building on the
AtomPub concept of a Workspace, in ROLIE a Workspace represents an AtomPub concept of a Workspace, in ROLIE a Workspace represents an
aggregation of Collections pertaining to security automation aggregation of Collections pertaining to security automation
information resources. This specification does not impose any information resources. This specification does not impose any
restrictions on the number of Workspaces that may be in a Service restrictions on the number of Workspaces that may be in a Service
Document or the specific Collections to be provided within a given Document or the specific Collections to be provided within a given
Workspace. Workspace.
The following restrictions are imposed on the use of the A ROLIE implementation can host Collections containing both public
app:workspace element in ROLIE: and private information entries. It is RECOMMENDED that
implementations segregate public and private Collections into
o A ROLIE repository can host Collections containing both public and different app:workspace elements. By doing this, Workspaces that
private information entries. It is RECOMMENDED that public and contain private information can be ignored by clients or can be
private Collections be segregated into different Workspaces. By omitted from the Service Document provided to a client that lacks the
doing this, Workspaces that contain private information can be appropriate privilege to access the set of Collections associated
ignored by clients or can be omitted from the Service Document with the Workspace.
provided to a client that lacks the appropriate privilege to
access the set of Collections associated with the Workspace.
o Appropriate descriptions and naming conventions SHOULD be used to
indicate the intended audience of each workspace. This helps to
facilitate the selection of appropriate Workspaces by users.
5.1.2. Use of the "app:collection" Element 5.1.2. Use of the "app:collection" Element
In AtomPub, a Collection in a Service Document, represented by the In AtomPub, a Collection in a Service Document, represented by the
"app:collection" element, provides metadata that can be used to point "app:collection" element, provides metadata that can be used to point
to a specific Atom Feed that contains information Entries that may be to a specific Atom Feed that contains information Entries that may be
of interest to a client. The association between a Collection and a of interest to a client. The association between a Collection and a
Feed is provided by the "href" attribute of the app:collection Feed is provided by the "href" attribute of the app:collection
element. Building on the AtomPub concept of a Collection, in ROLIE a element. Building on the AtomPub concept of a Collection, in ROLIE a
Collection represents a pointer to a group of security automation Collection represents a pointer to a group of security automation
information resources pertaining to a given type of security information resources pertaining to a given type of security
automation information. Collections are represented as Atom Feeds as automation information. Collections are represented as Atom Feeds as
per RFC 5023. Atom Feed specific requirements are defined in section per RFC 5023. Atom Feed specific requirements are defined in section
6.1. 6.1.
The following restrictions are imposed on the use of the The following restrictions are imposed on the use of the
app:collection element for ROLIE: app:collection element for ROLIE implementations:
o The atom:category elements contained in the app:categories element o The atom:category elements contained in the app:categories element
MUST be the same set of atom:categories used in the Atom Feed MUST be the same set of atom:categories used in the Atom Feed
resource indicated by the app:collection "href" attribute value. resource indicated by the app:collection "href" attribute value.
This ensures that the category metadata associated with the This ensures that the category metadata associated with the
Collection is discoverable in both the Feed and the corresponding Collection is discoverable in both the Feed and the corresponding
Collection in the Service Document. Collection in the Service Document.
o An app:collection pertaining to a security automation information o An app:collection pertaining to a security automation information
resource Feed MUST contain an app:categories element that resource Feed MUST contain an app:categories element that
skipping to change at page 9, line 48 skipping to change at page 9, line 14
o The app:categories element in an app:collection MAY include o The app:categories element in an app:collection MAY include
additional atom:category elements using a scheme other than additional atom:category elements using a scheme other than
"urn:ietf:params:rolie:category:information-type". This allows "urn:ietf:params:rolie:category:information-type". This allows
other category metadata to be included. other category metadata to be included.
5.1.3. Service Discovery 5.1.3. Service Discovery
This specification requires that an implementation MUST publish an This specification requires that an implementation MUST publish an
Atom Service Document that describes the set of security information Atom Service Document that describes the set of security information
sharing Collections that are provided by the repository. Collections provided by the service. The Service Document MUST be
retrievable using the standardized URI template
The Service Document SHOULD be discoverable via the organization's "https://{host:port}/.well-known/rolie/servicedocument", where
Web home page or another well-known public resource. An example of
this can be found in appendix B.1.
The Service Document MUST be retrievable using the standardized URI
template "https://{host:port}/rolie/servicedocument", where
{host:port} is the authority portion of the URI. Dereferencing this {host:port} is the authority portion of the URI. Dereferencing this
URI MAY result in a redirect based on an appropriate HTTP 3xx status URI MAY result in a redirect based on an appropriate HTTP 3xx status
code to direct the client to the actual Service Document. This code to direct the client to the actual Service Document. This
allows clients to have a well-known location to find a ROLIE service allows clients to have a well-known location to find a ROLIE service
document, while giving implementations flexibility over how the document, while giving implementations flexibility over how the
service is deployed. service is deployed.
The service document MAY also be digitally signed and/or encrypted This document registers the "rolie/servicedocument" well-known URI as
according to XML Signature Syntax and Processing [xmldsig] and XML per [RFC5785] in Section 8.5.
Encryption Syntax and Processing [xmlenc] respectively.
A mechanism to determine which host and port to use is not specified
in this document. Use of a mechanism such as DNS SRV Records
[RFC2782] can provide a secure and reliable discovery mechanism for
determining a specific host and port to use for retrieving a Service
Document for a given DNS domain.
5.2. AtomPub Category Documents 5.2. AtomPub Category Documents
As described in RFC5023 section 7 [RFC5023], a Category Document is As described in RFC5023 section 7 [RFC5023], a Category Document is
an XML-based document format that allows a client to dynamically an XML-based document format that allows a client to dynamically
discover the Categories used within AtomPub Service Documents, and discover the Categories used within AtomPub Service Documents, and
Atom Syndication Feed and Entry documents provided by a publisher. A Atom Syndication Feed and Entry documents provided by a publisher. A
Category Document consists of one app:categories element that Category Document consists of one app:categories element that
contains a number of inline atom:category elements, or a URI contains a number of inline atom:category elements, or a URI
referencing a Category Document that describes the repository. referencing a Category Document.
A ROLIE implementation MUST publish an Category Document that A ROLIE implementation MUST publish a Category Document that
describes the set of atom:category elements and associated terms used describes the set of atom:category elements and associated terms
within the implemented repository. currently used by the service.
The Category Document MUST be retrievable using the standardized URI The Category Document MUST be retrievable using the standardized URI
template "https://{host:port}/rolie/categorydocument", where template "https://{host:port}/.well-known/rolie/categorydocument",
{host:port} is the authority portion of the URI. Dereferencing this where {host:port} is the authority portion of the URI. Dereferencing
URI MAY result in a redirect based on an appropriate HTTP 3xx status this URI MAY result in a redirect based on an appropriate HTTP 3xx
code to direct the client to the actual Category Document. This status code to direct the client to the actual Category Document.
allows clients to have a well-known location to find a ROLIE category This allows clients to have a well-known location to find a ROLIE
document, while giving implementations flexibility over how the category document, while giving implementations flexibility over how
service is deployed. the service is deployed.
This document registers the "rolie/categorydocument" well-known URI
as per [RFC5785] in Section 8.5.
5.3. Transport Layer Security 5.3. Transport Layer Security
ROLIE is intended to be handled with TLS. The following requirements ROLIE is intended to be handled with TLS. The following requirements
have been derived from [RFC7589]. have been derived from [RFC7589].
The most recent published version of TLS MUST be supported, and any The most recent published version of TLS MUST be supported, and any
mandatory-to-implement (MTI) cipher suites in that version MUST be mandatory-to-implement (MTI) cipher suites in that version MUST be
supported as well. supported as well.
skipping to change at page 11, line 21 skipping to change at page 10, line 35
client's expectations. Particularly, the client MUST check its client's expectations. Particularly, the client MUST check its
understanding of the server hostname against the server's identity as understanding of the server hostname against the server's identity as
presented in the server Certificate message, in order to prevent man- presented in the server Certificate message, in order to prevent man-
in-the-middle attacks. Matching is performed according to the rules in-the-middle attacks. Matching is performed according to the rules
laid out in the Security Considerations section of [RFC4642]. laid out in the Security Considerations section of [RFC4642].
If the match fails, the client MUST either ask for explicit user If the match fails, the client MUST either ask for explicit user
confirmation or terminate the connection and indicate the server's confirmation or terminate the connection and indicate the server's
identity is suspect. Additionally, clients MUST verify the binding identity is suspect. Additionally, clients MUST verify the binding
between the identity of the servers to which they connect and the between the identity of the servers to which they connect and the
public keys presented by those servers. Clients SHOULD implement the public keys presented by those servers. Client implementations
algorithm in Section 6 of [RFC5280] for general certificate SHOULD support an equivalent certificate validation approach to the
validation, but MAY supplement that algorithm with other validation what is defined in Section 6 of [RFC5280], but MAY supplement that
methods that achieve equivalent levels of verification (such as algorithm with other validation methods that achieve equivalent
comparing the server certificate against a local store of already- levels of verification (such as comparing the server certificate
verified certificates and identity bindings). If the client has against a local store of already-verified certificates and identity
external information as to the expected identity of the server, the bindings). If the client has external information as to the expected
hostname check MAY be omitted. identity of the server, the hostname check MAY be omitted.
The server MUST be capable of verifying the identity of the client The server MUST be capable of verifying the identity of the client
with certificate-based authentication according to local policy to with certificate-based authentication according to local policy to
ensure that the incoming client request is legitimate before any ensure that the incoming client request is legitimate before any
configuration or state data is sent to or received from the client. configuration or state data is sent to or received from the client.
5.4. User Authentication and Authorization 5.4. User Authentication and Authorization
Implementations MUST support user authentication. User Implementations MUST support user authentication. However, a given
authentication MAY be enabled for specific Feeds. implementation MAY allow user authentication to be disabled on a feed
by feed basis.
Servers participating in an information sharing consortium and Servers participating in an information sharing consortium and
supporting interactive user logins by members of the consortium supporting interactive user logins by members of the consortium
SHOULD support client authentication via a federated identity scheme SHOULD support client authentication via a federated identity scheme
(e.g., SAML 2.0). (e.g., SAML 2.0).
This document does not mandate the use of any specific user This document does not mandate the use of any specific user
authorization mechanisms. However, service implementers SHOULD authorization mechanisms. However, service implementers SHOULD
provide appropriate authorization checking for all resource accesses, provide appropriate authorization checking for all resource accesses,
including individual Atom Entries, Atom Feeds, and Atom Service including individual Atom Entries, Atom Feeds, and Atom Service
skipping to change at page 12, line 40 skipping to change at page 12, line 11
Clients MUST be capable of recognizing and processing any standard Clients MUST be capable of recognizing and processing any standard
HTTP status code, as defined in [RFC5023] Section 5. HTTP status code, as defined in [RFC5023] Section 5.
6. ROLIE Requirements for the Atom Syndication Format 6. ROLIE Requirements for the Atom Syndication Format
This section describes a number of restrictions of and extensions to This section describes a number of restrictions of and extensions to
the Atom Syndication Format [RFC4287] that define the use of that the Atom Syndication Format [RFC4287] that define the use of that
format in the context of a ROLIE-based solution. The normative format in the context of a ROLIE-based solution. The normative
requirements in this section are generally oriented towards any requirements in this section are generally oriented towards any
content to be published to a ROLIE repository. An understanding of content to be published to a ROLIE server. An understanding of the
the Atom Syndication Format specification [RFC4287] is helpful to Atom Syndication Format specification [RFC4287] is helpful to
understand the requirements in this section. understand the requirements in this section.
6.1. Use of the "atom:feed" element 6.1. Use of the "atom:feed" element
As described in RFC4287 section 4.1.1 [RFC4287], an Atom Feed is an As described in RFC4287 section 4.1.1 [RFC4287], an Atom Feed is an
XML-based document format that describes a list of related XML-based document format that describes a list of related
information items. The list of Atom Feeds provided by a ROLIE information items. The list of Atom Feeds provided by a ROLIE
service instance are listed in the service's Service Document through service instance are listed in the service's Service Document through
one or more app:collection elements. Each Feed document, represented one or more app:collection elements. Each Feed document, represented
using the atom:feed element, contains a listing of zero or more using the atom:feed element, contains a listing of zero or more
skipping to change at page 13, line 15 skipping to change at page 12, line 34
"Entry". "Entry".
When applied to the problem domain of security automation information When applied to the problem domain of security automation information
sharing, an Atom Feed may be used to represent any meaningful sharing, an Atom Feed may be used to represent any meaningful
collection of security automation information resources. Each Entry collection of security automation information resources. Each Entry
in an atom:feed represents an individual resource (e.g., a specific in an atom:feed represents an individual resource (e.g., a specific
checklist, a software vulnerability record). Additional Feeds can be checklist, a software vulnerability record). Additional Feeds can be
used to represent other collections of security automation resources. used to represent other collections of security automation resources.
The following Atom Feed definition represents a stricter definition The following Atom Feed definition represents a stricter definition
of the atom:feed element defined in RFC 4287 for use in a ROLIE Any of the atom:feed element defined in RFC 4287 for use in a ROLIE
element not specified here inherits its definition and requirements implementation. Any element not specified here inherits its
from [RFC4287]. definition and requirements from [RFC4287].
atomFeed = atomFeed =
element atom:feed { element atom:feed {
atomCommonAttributes, atomCommonAttributes,
(atomAuthor* (atomAuthor*
& atomCategory+ & atomCategory+
& atomContributor* & atomContributor*
& atomGenerator? & atomGenerator?
& atomIcon? & atomIcon?
& atomId & atomId
skipping to change at page 14, line 16 skipping to change at page 13, line 50
Entries in the Feed MUST represent security automation information Entries in the Feed MUST represent security automation information
records of the provided information type category or categories. records of the provided information type category or categories.
o Any atom:feed element that does not contain a child atom:category o Any atom:feed element that does not contain a child atom:category
element with the "scheme" attribute value of element with the "scheme" attribute value of
"urn:ietf:params:rolie:category:information-type" MUST NOT be "urn:ietf:params:rolie:category:information-type" MUST NOT be
considered a ROLIE Collection. This allows Feeds pertaining to considered a ROLIE Collection. This allows Feeds pertaining to
security automation information to co-exist alongside Feeds of security automation information to co-exist alongside Feeds of
other non-ROLIE information within the same AtomPub instance. other non-ROLIE information within the same AtomPub instance.
o An atom:feed may include additional atom:category elements using a o An atom:feed MAY include additional atom:category elements using a
scheme other than "urn:ietf:params:rolie:category:information- scheme other than "urn:ietf:params:rolie:category:information-
type". This allows other category metadata to be included. type". This allows other category metadata to be included.
6.1.2. Use of the "atom:link" Element 6.1.2. Use of the "atom:link" Element
Link relations defined by the atom:link element are used to represent Link relations defined by the atom:link element are used to represent
state transitions using a stateless approach. In Atom a type of link state transitions using a stateless approach. In Atom a type of link
relationship can be defined using the "rel" attribute. relationship can be defined using the "rel" attribute.
A ROLIE atom:feed MUST contain one or more atom:link elements with A ROLIE atom:feed MUST contain one or more atom:link elements with
rel="service" and href attribute whose value is a IRI that points to rel="service" and href attribute whose value is a IRI that points to
an Atom Service Document associated with the atom:feed. When a an Atom Service Document associated with the atom:feed. If a client
client is presented with a Feed as its initial view into a accesses a Feed without first accessing the service's service
repository, a link with the service relationship provides a means to document, a link with the "service" relationship provides a means to
discover additional security automation information. The "service" discover additional security automation information. The "service"
link relationship is defined in the IANA Link Relations Registry [1]. link relationship is defined in the IANA Link Relations Registry [1].
An atom:feed can contain an arbitrary number of Entries. In some An atom:feed can contain an arbitrary number of Entries. In some
cases, a complete Feed may consist of a large number of Entries. cases, a complete Feed may consist of a large number of Entries.
Additionally, as new and updated Entries are ordered at the beginning Additionally, as new and updated Entries are ordered at the beginning
of a Feed, a client may only be interested in retrieving the first N of a Feed, a client may only be interested in retrieving the first N
entries in a Feed to process only the Entries that have changed since entries in a Feed to process only the Entries that have changed since
the last retrieval of the Feed. As a practical matter, a large set the last retrieval of the Feed. As a practical matter, a large set
of Entries will likely need to be divided into more manageable of Entries will likely need to be divided into more manageable
skipping to change at page 16, line 8 skipping to change at page 15, line 44
6.1.3. Use of the "atom:updated" Element 6.1.3. Use of the "atom:updated" Element
The atom:updated element MUST be populated with the current time at The atom:updated element MUST be populated with the current time at
the instant the Feed representation was last updated by adding, the instant the Feed representation was last updated by adding,
updating, or deleting an Entry; or changing any metadata for the updating, or deleting an Entry; or changing any metadata for the
Feed. Feed.
6.2. Use of the "atom:entry" Element 6.2. Use of the "atom:entry" Element
Each Entry in an Atom Feed, represented by the atom:entry element, Each Entry in an Atom Feed, represented by the atom:entry element,
describes a single information record, format, and type combination. describes a single referenced information record, along with
The following atom:entry schema definition represents a stricter descriptive information about its format, media type, and other
representation of the atom:entry element defined in [RFC4287] for use publication metadata. The following atom:entry schema definition
in a ROLIE-based Atom Feed. represents a stricter representation of the atom:entry element
defined in [RFC4287] for use in a ROLIE-based Atom Feed.
atomEntry = atomEntry =
element atom:entry { element atom:entry {
atomCommonAttributes, atomCommonAttributes,
(atomAuthor* (atomAuthor*
& atomCategory* & atomCategory*
& atomContent & atomContent
& atomContributor* & atomContributor*
& atomId & atomId
& atomLink* & atomLink*
& atomPublished? & atomPublished?
& atomRights? & atomRights?
& atomSource? & atomSource?
& atomSummary? & atomSummary?
& atomTitle & atomTitle
& atomUpdated & atomUpdated
& rolieFormat & rolieFormat
& rolieProperty & rolieProperty*
& extensionElement*) & extensionElement*)
} }
6.2.1. Use of the "atom:content" Element 6.2.1. Use of the "atom:content" Element
There MUST be exactly one atomContent element in the Entry. The There MUST be exactly one atomContent element in the Entry. The
content element MUST adhere to this definition, which is a stricter content element MUST adhere to this definition, which is a stricter
representation of the atom:content element defined in [RFC4287]: representation of the atom:content element defined in [RFC4287]:
atomContent = atomContent =
skipping to change at page 18, line 17 skipping to change at page 18, line 11
atom:content element. For example, the namespace used may be an XML atom:content element. For example, the namespace used may be an XML
namespace URI, or an identifier that represents a serialized JSON namespace URI, or an identifier that represents a serialized JSON
model. The URI used for the "ns" attribute value MUST be an absolute model. The URI used for the "ns" attribute value MUST be an absolute
or opaque URI. The resource identified by the URI need not be or opaque URI. The resource identified by the URI need not be
resolvable. resolvable.
The rolie:format element MAY provide a "version" attribute that The rolie:format element MAY provide a "version" attribute that
identifies the version of the format used for the related identifies the version of the format used for the related
atom:content. atom:content.
The rolie:format element MAY provide a "schema-location" element that The rolie:format element MAY provide a "schema-location" attribute
is a URI that identifies a schema resource that can be used to that is a URI that identifies a schema resource that can be used to
validate the related atom:content. validate the related atom:content.
The rolie:format element MAY provide a "schema-type" element, which The rolie:format element MAY provide a "schema-type" attribute, which
is a mime type identifying the format of the schema resource is a mime type identifying the format of the schema resource
identified by the "schema-location" attribute. identified by the "schema-location" attribute.
For example, the nominal element <rolie:format The following nominal example shows how these attributes describe the
ns="urn:ietf:params:xml:ns:iodef-2.0" version="2.0" schema- format of the content:
location="https://www.iana.org/assignments/xml-registry/schema/iodef-
2.0.xsd"/> would provide an indication that the content of this entry <rolie:format ns="urn:ietf:params:xml:ns:iodef-2.0"
is using the IODEF v2 format. version="2.0"
schema-location=
"https://www.iana.org/assignments/xml-registry/schema/iodef-2.0.xsd"
schema-type-"text/xml"/>
The previous element provides an indication that the content of the
given entry is using the IODEF v2 format.
6.2.4. Use of the rolie:property Element 6.2.4. Use of the rolie:property Element
An atom:category element provides a way to associate a name/value An atom:category element provides a way to associate a name/value
pair of categorical information using the scheme and term attributes pair of categorical information using the scheme and term attributes
to represent the name, and the label attribute to represent the to represent the name, and the label attribute to represent the
value. When used in this way an atom:category allows a specific value. When used in this way an atom:category allows a specific
label to be selected from a finite set of possible label values that label to be selected from a finite set of possible label values that
can be used to further classify a given atom:entry or atom:feed. can be used to further classify a given atom:entry or atom:feed.
Within ROLIE, there may be a need to associate additional metadata Within ROLIE, there may be a need to associate additional metadata
skipping to change at page 19, line 37 skipping to change at page 19, line 37
Entry in order to provide additional information. Clients that do Entry in order to provide additional information. Clients that do
not recognize a property with an unregistered name attribute MAY not recognize a property with an unregistered name attribute MAY
ignore the rolie:property. ignore the rolie:property.
6.2.5. Requirements for a Standalone Entry 6.2.5. Requirements for a Standalone Entry
If an Entry is ever shared as a standalone resource, separate from If an Entry is ever shared as a standalone resource, separate from
its containing Feed, then the following additional requirements its containing Feed, then the following additional requirements
apply: apply:
o The Entry MUST have a atom:link element with rel="collection" and o The Entry MUST have an atom:link element with rel="collection" and
href="[IRI of the containing Collection]". This allows the Feed href="[IRI of the containing Collection]". This allows the Feed
or Feeds for which the Entry is a member to be discovered, along or Feeds for which the Entry is a member to be discovered, along
with the related information the Feed may contain. In the case of with the related information the Feed may contain. In the case of
the Entry have multiple containing Feeds, the Entry MUST have one the Entry have multiple containing Feeds, the Entry MUST have one
atom:link for each related Feed. atom:link for each related Feed.
o The Entry MUST declare the information type of the content o The Entry MUST declare the information type of the content
resource referenced by the Entry (see Section 7.1.2). resource referenced by the Entry (see Section 7.1.2).
7. Available Extension Points Provided by ROLIE 7. Available Extension Points Provided by ROLIE
skipping to change at page 20, line 19 skipping to change at page 20, line 19
including specific categories, link relations, as well as, use of including specific categories, link relations, as well as, use of
specific data formats supporting a given information type term. specific data formats supporting a given information type term.
7.1. The Category Extension Point 7.1. The Category Extension Point
The atom:category element, defined in RFC 4287 section 4.2.2 The atom:category element, defined in RFC 4287 section 4.2.2
[RFC4287], provides a mechanism to provide additional categorization [RFC4287], provides a mechanism to provide additional categorization
information for a content resource in ROLIE. The ability to define information for a content resource in ROLIE. The ability to define
new categories is one of the core extension points provided by Atom. new categories is one of the core extension points provided by Atom.
A Category Document, defined in RFC 5023 section 7 [RFC5023], A Category Document, defined in RFC 5023 section 7 [RFC5023],
provides a mechanism for an Atom repository to make discoverable the provides a mechanism for an Atom implementation to make discoverable
atom:category terms and allowed values used by a given repository. the atom:category terms and associated allowed values.
ROLIE further defines the use of the existing Atom extension category ROLIE further defines the use of the existing Atom extension category
mechanism by allowing ROLIE specific category extensions to be mechanism by allowing ROLIE specific category extensions to be
registered with IANA, and additionally has assigned the registered with IANA, and additionally has assigned the
"urn:ietf:params:rolie:category:information-type" category scheme "urn:ietf:params:rolie:category:information-type" category scheme
that has special meaning for implementations of ROLIE. This allows that has special meaning for implementations of ROLIE. This allows
category scheme namespaces to be managed in a more consistent way, category scheme namespaces to be managed in a more consistent way,
allowing for greater interoperability between content producers and allowing for greater interoperability between content producers and
consumers. consumers.
The namespace "urn:ietf:params:rolie:category:local" has been
reserved in the IANA ROLIE Parameters table for private use as
defined in [RFC5226]. Any category whose "scheme" attribute uses
this as a prefix MUST be considered private use. Implementations
encountering such a category MUST parse the content without error,
but MAY otherwise ignore the element.
Use of the "atom:category" element is discussed in the following Use of the "atom:category" element is discussed in the following
subsections. subsections.
7.1.1. General Use of the "atom:category" Element 7.1.1. General Use of the "atom:category" Element
The atom:category element can be used for characterizing a ROLIE The atom:category element can be used for characterizing a ROLIE
Resource. As discussed earlier in this document, an atom:category Resource. As discussed earlier in this document, an atom:category
element has a "term" attribute that indicates the assigned category element has a "term" attribute that indicates the assigned category
value, and a "scheme" attribute that provides an identifier for the value, and a "scheme" attribute that provides an identifier for the
category type. The "scheme" provides a means to describe how a set category type. The "scheme" provides a means to describe how a set
skipping to change at page 23, line 10 skipping to change at page 23, line 12
represented in ROLIE according to RFC 4287 section 4.2.7.2 [RFC4287]. represented in ROLIE according to RFC 4287 section 4.2.7.2 [RFC4287].
Based on the preceding reference, if the link relation is too Based on the preceding reference, if the link relation is too
specific or limited in the intended use, an absolute IRI can be used specific or limited in the intended use, an absolute IRI can be used
in lieu of registering a new simple name with IANA. in lieu of registering a new simple name with IANA.
7.4. The "rolie:property" Extension Point 7.4. The "rolie:property" Extension Point
As discussed previously in Section 6.2.4, many formats contain unique As discussed previously in Section 6.2.4, many formats contain unique
identifying and characterizing properties that are vital for sharing identifying and characterizing properties that are vital for sharing
information. In order to provide a global reference for these information. In order to provide a global reference for these
properties, this document establishes an IANA registry in Section 7.4 properties, this document establishes an IANA registry in Section 8.3
that allows ROLIE extensions to register named properties using the that allows ROLIE extensions to register named properties using the
name field with a type parameter of "property" to indicate a property name field with a type parameter of "property" to indicate a property
extension. Implementations SHOULD prefer the use of registered extension. Implementations SHOULD prefer the use of registered
properties over implementation specific properties when possible. properties over implementation specific properties when possible.
ROLIE extensions are expected to register new and use existing ROLIE extensions are expected to register new and use existing
properties to provide valuable identifying and characterizing properties to provide valuable identifying and characterizing
information for a given information type and/or format. information for a given information type and/or format.
The namespace "urn:ietf:params:rolie:property:local" has been
reserved in the IANA ROLIE Parameters table for private use as
defined in [RFC5226]. Any property whose "name" attribute uses this
as a prefix MUST be considered private use. Implementations
encountering such a property MUST parse the content without error,
but MAY otherwise ignore the element.
This document also registers the
"urn:ietf:params:rolie:property:content-author-name" property name.
This property provides an exposure point for the person or
organization that authored the content linked to in the "src"
attribute of the entry's atom:content element.
8. IANA Considerations 8. IANA Considerations
This document has a number of IANA considerations described in the This document has a number of IANA considerations described in the
following subsections. following subsections.
8.1. XML Namespaces and Schema URNs 8.1. XML Namespaces and Schema URNs
This document uses URNs to describe XML namespaces and XML schemas This document uses URNs to describe XML namespaces and XML schemas
conforming to a registry mechanism described in [RFC3688]. conforming to a registry mechanism described in [RFC3688].
skipping to change at page 24, line 44 skipping to change at page 25, line 12
Name: A URN segment that adheres to the pattern {type}:{label}. Name: A URN segment that adheres to the pattern {type}:{label}.
The keywords are defined as follows: The keywords are defined as follows:
{type}: The parameter type. The allowed values are "category" {type}: The parameter type. The allowed values are "category"
or "property". "category" denotes a category extension as or "property". "category" denotes a category extension as
discussed in Section 7.1. "property" denotes a property discussed in Section 7.1. "property" denotes a property
extension as discussed in Section 7.4. extension as discussed in Section 7.4.
{label}: A required US-ASCII string that conforms to the URN {label}: A required US-ASCII string that conforms to the URN
syntax requirements (see [RFC2141]). This string must be syntax requirements (see [RFC2141]). This string must be
unique within the namespace defined by the {type} keyword. unique within the namespace defined by the {type} keyword. The
"local" label for both the "category" and "property" types has
been reserved for private use.
Extension IRI: The identifier to use within ROLIE, which is the Extension IRI: The identifier to use within ROLIE, which is the
full URN using the form: urn:ietf:params:rolie:{name}, where full URN using the form: urn:ietf:params:rolie:{name}, where
{name} is the "name" field of this registration. {name} is the "name" field of this registration.
Reference: A static link to the specification and section that the Reference: A static link to the specification and section that the
definition of the parameter can be found. definition of the parameter can be found.
Sub-registry: An optional field that links to an IANA sub-registry Sub-registry: An optional field that links to an IANA sub-registry
for this parameter. If the {type} is "category", the sub-registry for this parameter. If the {type} is "category", the sub-registry
must contain a "name" field whose registered values MUST be US- must contain a "name" field whose registered values MUST be US-
ASCII. The list of names are the allowed values of the "term" ASCII. The list of names are the allowed values of the "term"
attribute in the atom:category element. (See Section 7.1.2). attribute in the atom:category element. (See Section 7.1.2).
This repository has the following initial values: This repository has the following initial values:
+-----------+--------------------+------+---------------------------+ +------------+-------------------+-------+--------------------------+
| Name | Extension IRI | Refe | Sub-Registry | | Name | Extension IRI | Refer | Sub-Registry |
| | | renc | | | | | ence | |
| | | e | | +------------+-------------------+-------+--------------------------+
+-----------+--------------------+------+---------------------------+ | category:i | urn:ietf:params:r | This | [TO BE REMOVED: This |
| category: | urn:ietf:params:ro | This | [TO BE REMOVED: This | | nformation | olie:category | docum | registration should take |
| informati | lie:category | docu | registration should take | | -type | :information-type | ent, | place at the following |
| on-type | :information-type | ment | place at the following | | | | Secti | location: https://www.ia |
| | | , Se | location: https://www.ian | | | | on | na.org/assignments/rolie |
| | | ctio | a.org/assignments/rolie/c | | | | 8.4 | /category/information- |
| | | n | ategory/information-type] | | | | | type] |
| | | 9.4 | | | property:l | urn:ietf:params:r | This | None |
+-----------+--------------------+------+---------------------------+ | ocal | olie:property:loc | docum | |
| | al | ent, | |
| | | Secti | |
| | | on | |
| | | 7.4 | |
| category:l | urn:ietf:params:r | This | None |
| ocal | olie:category:loc | docum | |
| | al | ent, | |
| | | Secti | |
| | | on | |
| | | 7.1 | |
| property | urn:ietf:params:r | This | None |
| :content- | olie:property | docum | |
| author- | :content-author- | ent, | |
| name | name | Secti | |
| | | on | |
| | | 7.4 | |
+------------+-------------------+-------+--------------------------+
8.4. ROLIE Security Resource Information Type Sub-Registry 8.4. ROLIE Security Resource Information Type Sub-Registry
A new sub-registry has been created to store ROLIE information type A new sub-registry has been created to store ROLIE information type
values. values.
Name of Registry: "ROLIE Information Types" Name of Registry: "ROLIE Information Types"
Location of Registry: Location of Registry:
https://www.iana.org/assignments/rolie/category/information-type https://www.iana.org/assignments/rolie/category/information-type
skipping to change at page 26, line 9 skipping to change at page 27, line 19
registry uses the value 1, and this value is incremented for registry uses the value 1, and this value is incremented for
each subsequent entry added to the registry. each subsequent entry added to the registry.
reference: A list of one or more URIs [RFC3986] from which the reference: A list of one or more URIs [RFC3986] from which the
registered specification can be obtained. The registered registered specification can be obtained. The registered
specification MUST be readily and publicly available from that specification MUST be readily and publicly available from that
URI. The URI SHOULD be a stable reference. URI. The URI SHOULD be a stable reference.
Allocation Policy: Specification required as per [RFC5226] Allocation Policy: Specification required as per [RFC5226]
8.5. Well-Known URI Registrations
This document makes the follow two registrations to the Well-Known
URI Registry at https://www.iana.org/assignments/well-known-uris/
well-known-uris.xhtml.
Service Document registration:
URI suffix: rolie/servicedocument
Change controller: IETF
Specification document: This document, Section 5.1.3
Related information: None
Category Document registration:
URI suffix: rolie/categorydocument
Change controller: IETF
Specification document: This document, Section 5.2
Related information: None
9. Security Considerations 9. Security Considerations
This document defines a resource-oriented approach for lightweight This document defines a resource-oriented approach for lightweight
information exchange using HTTP over TLS, the Atom Syndication information exchange using HTTP over TLS, the Atom Syndication
Format, and the Atom Publishing Protocol. As such, implementers must Format, and the Atom Publishing Protocol. As such, implementers must
understand the security considerations described in those understand the security considerations described in those
specifications. All that follows is guidance, more specific specifications. All that follows is guidance, more specific
instruction is out of scope for this document and will be located in instruction is out of scope for this document.
a dedicated informational document.
All security measures SHOULD be enforced at the source, that is, a All security measures SHOULD be enforced at the source, that is, a
provider SHOULD NOT return any Feed content or member Entry content provider SHOULD NOT return any Feed content or member Entry content
for which the client identity has not been specifically for which the client identity has not been specifically
authenticated, authorized, and audited. authenticated, authorized, and audited.
The approach described herein is based upon all policy enforcements The approach described herein is based upon all policy enforcements
being implemented at the point when a resource representation is being implemented at the point when a resource representation is
created. As such, producers sharing cyber security information using created. As such, producers sharing cyber security information using
this specification must take care to authenticate their HTTP clients this specification must take care to authenticate their HTTP clients
skipping to change at page 26, line 46 skipping to change at page 28, line 32
approach. In general, trust in the sharing consortium will depend approach. In general, trust in the sharing consortium will depend
upon the members maintaining adequate user authentication mechanisms. upon the members maintaining adequate user authentication mechanisms.
Collaborating consortiums may benefit from the adoption of a Collaborating consortiums may benefit from the adoption of a
federated identity solution, such as those based upon SAML-core federated identity solution, such as those based upon SAML-core
[SAML-core], SAML-bind [SAML-bind], and SAML-prof [SAML-prof] for [SAML-core], SAML-bind [SAML-bind], and SAML-prof [SAML-prof] for
Web-based authentication and cross-organizational single sign-on. Web-based authentication and cross-organizational single sign-on.
Dependency on a trusted third party identity provider implies that Dependency on a trusted third party identity provider implies that
appropriate care must be exercised to sufficiently secure the appropriate care must be exercised to sufficiently secure the
Identity provider. Any attacks on the federated identity system Identity provider. Any attacks on the federated identity system
would present a risk to the CSIRT, as a relying party. Potential would present a risk to the consortium, as a relying party.
mitigations include deployment of a federation-aware identity Potential mitigations include deployment of a federation-aware
provider that is under the control of the information sharing identity provider that is under the control of the information
consortium, with suitably stringent technical and management sharing consortium, with suitably stringent technical and management
controls. controls.
Authorization of resource representations is the responsibility of Authorization of resource representations is the responsibility of
the source system, i.e. based on the authenticated user identity the source system, i.e. based on the authenticated user identity
associated with an HTTP(S) request. The required authorization associated with an HTTP(S) request. The required authorization
policies that are to be enforced must therefore be managed by the policies that are to be enforced must therefore be managed by the
security administrators of the source system. Various authorization security administrators of the source system. Various authorization
architectures would be suitable for this purpose, such as RBAC [3] architectures would be suitable for this purpose, such as RBAC [3]
and/or ABAC, as embodied in XACML [XACML]. In particular, and/or ABAC, as embodied in XACML [XACML]. In particular,
implementers adopting XACML may benefit from the capability to implementers adopting XACML may benefit from the capability to
skipping to change at page 27, line 38 skipping to change at page 29, line 24
enforced at both the source and destination systems, implementers enforced at both the source and destination systems, implementers
must take care to avoid unintended interactions of the separately must take care to avoid unintended interactions of the separately
enforced policies. Potential risks will include unintended denial of enforced policies. Potential risks will include unintended denial of
service and/or unintended information leakage. These problems may be service and/or unintended information leakage. These problems may be
mitigated by avoiding any dependence upon enforcements performed at mitigated by avoiding any dependence upon enforcements performed at
the destination system. When distributed enforcement is unavoidable, the destination system. When distributed enforcement is unavoidable,
the usage of a standard language (e.g. XACML) for the expression of the usage of a standard language (e.g. XACML) for the expression of
authorization policies will enable the source and destination systems authorization policies will enable the source and destination systems
to better coordinate and align their respective policy expressions. to better coordinate and align their respective policy expressions.
A service discovery mechanism is not explicitly specified in this
document, and there are several approaches available for
implementers. When selecting this mechanism, implementations need to
ensure that their choice provides a means for authenticating the
server. As described in the discovery section, DNS SRV Records are a
possible secure solution to discovery.
10. Privacy Considerations
The optional author field may provide an identification privacy issue
if populated without the author's consent. This information may
become public if posted to a public feed. Special care should be
taken when aggregating or sharing entries from other feeds, or when
programmatically generating ROLIE entries from some data source that
the author's personal info is not shared without their consent.
When using the Atom Publishing Protocol to POST entries to a feed,
attackers may use correlating techniques to profile the user. The
request time can be compared to the generated "updated" field of the
entry in order to build out information about a given user. This
correlation attempt can be mitigated by not using HTTP requests to
POST entries when profiling is a risk, and rather use backend control
of the feeds.
Adoption of the information sharing approach described in this Adoption of the information sharing approach described in this
document will enable users to more easily perform correlations across document will enable users to more easily perform correlations across
separate, and potentially unrelated, cyber security information separate, and potentially unrelated, cyber security information
providers. A client may succeed in assembling a data set that would providers. A client may succeed in assembling a data set that would
not have been permitted within the context of the authorization not have been permitted within the context of the authorization
policies of either provider when considered individually. Thus, policies of either provider when considered individually. Thus,
providers may face a risk of an attacker obtaining an access that providers may face a risk of an attacker obtaining an access that
constitutes an undetected separation of duties (SOD) violation. It constitutes an undetected separation of duties (SOD) violation. It
is important to note that this risk is not unique to this is important to note that this risk is not unique to this
specification, and a similar potential for abuse exists with any specification, and a similar potential for abuse exists with any
other cyber security information sharing protocol. However, the wide other cyber security information sharing protocol. However, the wide
availability of tools for HTTP clients and Atom Feed handling implies availability of tools for HTTP clients and Atom Feed handling implies
that the resources and technical skills required for a successful that the resources and technical skills required for a successful
exploit may be less than it was previously. This risk can be best exploit may be less than it was previously. This risk can be best
mitigated through appropriate vetting of the client at account mitigated through appropriate vetting of the client at account
provisioning time. In addition, any increase in the risk of this provisioning time. In addition, any increase in the risk of this
type of abuse should be offset by the corresponding increase in type of abuse should be offset by the corresponding increase in
effectiveness that this specification affords to the defenders. effectiveness that this specification affords to the defenders.
10. Acknowledgements Overall, ROLIE introduces few privacy concerns above and beyond those
present in any other HTTP protocol. Those that exist can be
mitigated by following security considerations and carefully using
the optional identifying elements.
11. Acknowledgements
The authors gratefully acknowledge the valuable contributions of Tom The authors gratefully acknowledge the valuable contributions of Tom
Maguire, Kathleen Moriarty, and Vijayanand Bharadwaj. These Maguire, Kathleen Moriarty, and Vijayanand Bharadwaj. These
individuals provided detailed review comments on earlier drafts, and individuals provided detailed review comments on earlier drafts, and
made many suggestions that have helped to improve this document. made many suggestions that have helped to improve this document.
11. References 12. References
11.1. Normative References 12.1. Normative References
[RFC0020] Cerf, V., "ASCII format for network interchange", STD 80, [RFC0020] Cerf, V., "ASCII format for network interchange", STD 80,
RFC 20, DOI 10.17487/RFC0020, October 1969, RFC 20, DOI 10.17487/RFC0020, October 1969,
<http://www.rfc-editor.org/info/rfc20>. <http://www.rfc-editor.org/info/rfc20>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 29, line 44 skipping to change at page 32, line 16
Housley, R., and W. Polk, "Internet X.509 Public Key Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
<http://www.rfc-editor.org/info/rfc5280>. <http://www.rfc-editor.org/info/rfc5280>.
[RFC4642] Murchison, K., Vinocur, J., and C. Newman, "Using [RFC4642] Murchison, K., Vinocur, J., and C. Newman, "Using
Transport Layer Security (TLS) with Network News Transfer Transport Layer Security (TLS) with Network News Transfer
Protocol (NNTP)", RFC 4642, DOI 10.17487/RFC4642, October Protocol (NNTP)", RFC 4642, DOI 10.17487/RFC4642, October
2006, <http://www.rfc-editor.org/info/rfc4642>. 2006, <http://www.rfc-editor.org/info/rfc4642>.
[RFC5785] Nottingham, M. and E. Hammer-Lahav, "Defining Well-Known
Uniform Resource Identifiers (URIs)", RFC 5785,
DOI 10.17487/RFC5785, April 2010,
<http://www.rfc-editor.org/info/rfc5785>.
[relax-NG] [relax-NG]
Clark, J., Ed., "RELAX NG Compact Syntax", 11 2002, Clark, J., Ed., "RELAX NG Compact Syntax", 11 2002,
<https://www.oasis-open.org/committees/relax-ng/compact- <https://www.oasis-open.org/committees/relax-ng/compact-
20021121.html>. 20021121.html>.
11.2. Informative References 12.2. Informative References
[RFC2141] Moats, R., "URN Syntax", RFC 2141, DOI 10.17487/RFC2141, [RFC2141] Moats, R., "URN Syntax", RFC 2141, DOI 10.17487/RFC2141,
May 1997, <http://www.rfc-editor.org/info/rfc2141>. May 1997, <http://www.rfc-editor.org/info/rfc2141>.
[RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
specifying the location of services (DNS SRV)", RFC 2782,
DOI 10.17487/RFC2782, February 2000,
<http://www.rfc-editor.org/info/rfc2782>.
[RFC3444] Pras, A. and J. Schoenwaelder, "On the Difference between [RFC3444] Pras, A. and J. Schoenwaelder, "On the Difference between
Information Models and Data Models", RFC 3444, Information Models and Data Models", RFC 3444,
DOI 10.17487/RFC3444, January 2003, DOI 10.17487/RFC3444, January 2003,
<http://www.rfc-editor.org/info/rfc3444>. <http://www.rfc-editor.org/info/rfc3444>.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", STD 68, RFC 5234, Specifications: ABNF", STD 68, RFC 5234,
DOI 10.17487/RFC5234, January 2008, DOI 10.17487/RFC5234, January 2008,
<http://www.rfc-editor.org/info/rfc5234>. <http://www.rfc-editor.org/info/rfc5234>.
skipping to change at page 30, line 42 skipping to change at page 33, line 20
<http://docs.oasis-open.org/security/saml/v2.0/ <http://docs.oasis-open.org/security/saml/v2.0/
saml-profiles-2.0-os.pdf>. saml-profiles-2.0-os.pdf>.
[SAML-bind] [SAML-bind]
Cantor, S., Hirsch, F., Kemp, J., Philpott, R., and E. Cantor, S., Hirsch, F., Kemp, J., Philpott, R., and E.
Maler, "Bindings for the OASIS Security Assertion Markup Maler, "Bindings for the OASIS Security Assertion Markup
Language (SAML) V2.0", OASIS Standard saml-bindings- Language (SAML) V2.0", OASIS Standard saml-bindings-
2.0-os, March 2005, <http://docs.oasis- 2.0-os, March 2005, <http://docs.oasis-
open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf>. open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf>.
[xmldsig] Bartel, M., Boyer, J., Fox, B., LaMacchia, B., and E.
Simon, "XML Signature Syntax and Processing (Second
Edition)", June 2008, <https://www.w3.org/TR/xmldsig-
core/>.
[xmlenc] Imamura, T., Dillaway, B., and E. Simon, "XML Encryption
Syntax and Processing", December 2002,
<https://www.w3.org/TR/xmlenc-core/>.
[XACML] Rissanen, E., "eXtensible Access Control Markup Language [XACML] Rissanen, E., "eXtensible Access Control Markup Language
(XACML) Version 3.0", August 2010, <http://docs.oasis- (XACML) Version 3.0", August 2010, <http://docs.oasis-
open.org/xacml/3.0/xacml-3.0-core-spec-cs-01-en.pdf>. open.org/xacml/3.0/xacml-3.0-core-spec-cs-01-en.pdf>.
[REST] Fielding, R., "Architectural Styles and the Design of [REST] Fielding, R., "Architectural Styles and the Design of
Network-based Software Architectures", 2000, Network-based Software Architectures", 2000,
<http://www.ics.uci.edu/~fielding/pubs/dissertation/ <http://www.ics.uci.edu/~fielding/pubs/dissertation/
top.htm>. top.htm>.
11.3. URIs 12.3. URIs
[1] https://www.iana.org/assignments/link-relations/link- [1] https://www.iana.org/assignments/link-relations/link-
relations.xhtml relations.xhtml
[2] https://www.iana.org/assignments/link-relations/link- [2] https://www.iana.org/assignments/link-relations/link-
relations.xhtml relations.xhtml
[3] http://csrc.nist.gov/groups/SNS/rbac/ [3] http://csrc.nist.gov/groups/SNS/rbac/
Appendix A. Relax NG Compact Schema for ROLIE Appendix A. Relax NG Compact Schema for ROLIE
skipping to change at page 33, line 5 skipping to change at page 35, line 5
uses an Atom Service Document to enable authorized clients to uses an Atom Service Document to enable authorized clients to
determine what specific information the provider makes available to determine what specific information the provider makes available to
the community. While the Service Document is accessible at a pre- the community. While the Service Document is accessible at a pre-
determined location, the Service Document can also be made accessible determined location, the Service Document can also be made accessible
from any well known location, such as via a link from the producer's from any well known location, such as via a link from the producer's
home page. home page.
A client may format an HTTP GET request to retrieve the service A client may format an HTTP GET request to retrieve the service
document from the specified location: document from the specified location:
GET /rolie/servicedocument GET /.well-known/rolie/servicedocument
Host: www.example.org Host: www.example.org
Accept: application/atomsvc+xml Accept: application/atomsvc+xml
Notice the use of the HTTP Accept: request header, indicating the Notice the use of the HTTP Accept: request header, indicating the
MIME type for Atom service discovery. The response to this GET MIME type for Atom service discovery. The response to this GET
request will be an XML document that contains information on the request will be an XML document that contains information on the
specific Collections that are provided. specific Collections that are provided.
Example HTTP GET response: Example HTTP GET response:
skipping to change at page 34, line 19 skipping to change at page 36, line 19
<?xml version="1.0" encoding='utf-8'?> <?xml version="1.0" encoding='utf-8'?>
<service xmlns="http://www.w3.org/2007/app" <service xmlns="http://www.w3.org/2007/app"
xmlns:atom="http://www.w3.org/2005/Atom"> xmlns:atom="http://www.w3.org/2005/Atom">
<workspace> <workspace>
<atom:title>Public Security Information Sharing</atom:title> <atom:title>Public Security Information Sharing</atom:title>
<collection <collection
href="http://example.org/provider/public/vulns"> href="http://example.org/provider/public/vulns">
<atom:title>Public Vulnerabilities</atom:title> <atom:title>Public Vulnerabilities</atom:title>
<atom:link rel="service" <atom:link rel="service"
href="www.example.com/rolie/servicedocument"> href="www.example.com/rolie/servicedocument"/>
<categories fixed="yes"> <categories fixed="yes">
<atom:category <atom:category
scheme="urn:ietf:params:rolie:category:information-type" scheme="urn:ietf:params:rolie:category:information-type"
term="vulnerability"/> term="vulnerability"/>
</categories> </categories>
</collection> </collection>
</workspace> </workspace>
<workspace> <workspace>
<atom:title>Private Consortium Sharing</atom:title> <atom:title>Private Consortium Sharing</atom:title>
<collection <collection
href="http://example.org/provider/private/incidents"> href="http://example.org/provider/private/incidents">
<atom:title>Incidents</atom:title> <atom:title>Incidents</atom:title>
<atom:link rel="service" <atom:link rel="service"
href="www.example.com/rolie/servicedocument"> href="www.example.com/rolie/servicedocument"/>
<categories fixed="yes"> <categories fixed="yes">
<atom:category <atom:category
scheme="urn:ietf:params:rolie:category:information-type" scheme="urn:ietf:params:rolie:category:information-type"
term="incident"/> term="incident"/>
</categories> </categories>
</collection> </collection>
</workspace> </workspace>
</service> </service>
In this example, the provider is making available a total of two In this example, the provider is making available a total of two
skipping to change at page 36, line 35 skipping to change at page 38, line 35
<link rel="service" <link rel="service"
href="http://example.org/rolie/servicedocument"/> href="http://example.org/rolie/servicedocument"/>
<entry> <entry>
<rolie:format ns="urn:ietf:params:xml:ns:exampleformat"/> <rolie:format ns="urn:ietf:params:xml:ns:exampleformat"/>
<id>dd786dba-88e6-440b-9158-b8fae67ef67c</id> <id>dd786dba-88e6-440b-9158-b8fae67ef67c</id>
<title>Sample Vulnerability</title> <title>Sample Vulnerability</title>
<published>2015-08-04T18:13:51.0Z</published> <published>2015-08-04T18:13:51.0Z</published>
<updated>2015-08-05T18:13:51.0Z</updated> <updated>2015-08-05T18:13:51.0Z</updated>
<summary>A vulnerability issue identified by CVE-...</summary> <summary>A vulnerability issue identified by CVE-...</summary>
<content type="application/xml" <content type="application/xml"
src="http://www.example.org/provider/vulns/123456/data" src="http://www.example.org/provider/vulns/123456/data"/>
</entry> </entry>
<entry> <entry>
<!-- ...another entry... --> <!-- ...another entry... -->
</entry> </entry>
</feed> </feed>
This Feed document has two Atom Entries, one of which has been This Feed document has two Atom Entries, one of which has been
elided. The first Entry illustrates an atom:entry element that elided. The first Entry illustrates an atom:entry element that
skipping to change at page 38, line 7 skipping to change at page 40, line 7
src="http://www.example.org/provider/vulns/123456/data"> src="http://www.example.org/provider/vulns/123456/data">
</content> </content>
</entry> </entry>
The example response above shows an XML document referenced by the The example response above shows an XML document referenced by the
"src" attribute of the atom:content element. The client may retrieve "src" attribute of the atom:content element. The client may retrieve
the document using this URL. the document using this URL.
Appendix C. Change History Appendix C. Change History
Changes in draft-ietf-mile-rolie-07 since draft-ietf-mile-rolie-06
version, March 13, 2017 to TODO, 2017
Added /.well-known/ registration and requirement to service
discovery.
Condensed and re-focused Sections 1 and 4 to be more concise.
Added privacy considerations section.
Made a number of editorial changes as per WGLC review.
Changes in draft-ietf-mile-rolie-06 since draft-ietf-mile-rolie-05 Changes in draft-ietf-mile-rolie-06 since draft-ietf-mile-rolie-05
version, November 2, 2016 to TODO, 2016 version, November 2, 2016 to March 13, 2017
Changed to standards track Changed to standards track
Added the rolie:property element Added the rolie:property element
Fixed references (Normative vs Informative) Fixed references (Normative vs Informative)
Set Service and Category document URL template requirements Set Service and Category document URL template requirements
Fixed XML snippets in examples Fixed XML snippets in examples
 End of changes. 74 change blocks. 
298 lines changed or deleted 382 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/