Home page logo
/

bugtraq logo Bugtraq mailing list archives

CAIF 1.2 released
From: Oliver Goebel <Goebel () CERT Uni-Stuttgart DE>
Date: Tue, 10 May 2005 10:21:35 +0200

Dear all,

for your information:

The Common Announcement Interchange Format (CAIF) specification version
1.2 has been released.

A new version of the draft, reflecting all the changes made has been 
released too. 

All relevant documents are available from the CAIF home page.

CAIF Home:     
  http://cert.uni-stuttgart.de/projects/caif/

CAIF Format Spec:
  TXT:
  http://cert.uni-stuttgart.de/projects/caif/draft-goebel-caif-format.txt

  HTML:
  http://cert.uni-stuttgart.de/projects/caif/draft-goebel-caif-format.php

DTD:
  http://cert.uni-stuttgart.de/projects/caif/caif.dtd

Besides some normalization work in the design of the elements some new
general features have been introduced.  

Overview:

The draft describes an XML-based format for security announcements.  It
defines a basic but comprehensive set of elements that is designed to
describe the main aspects of issues related to security.  Besides
addressing more than one issue or problem within a single document the
format allows to provide information for more than one target group of
readers as well as multi-lingual textual descriptions.  It can be used
to selectively produce different renderings of an announcement for the
intended target groups, addressing one, a sub-set, or all problems in
one or multiple languages.  The set of pre-defined elements can be
extended to reflect either temporary, exotic or new requirements on a
per-document basis.  A special markup element allows to include
information for specific constituencies that can be removed before a
document is distributed.  Distriburion can be limited to one or a set of
defined constituencies.  CAIF documents may contain data that allow
the manual or automatic determination of the affectedness of systems by
a specific problem, e.g. OVAL definitions.  References within the CAIF
document can be used to interlink this data with other information thus
allow for the selective production of renderings adressing affected
systems.  


Please see the changelog at 

  http://cert.uni-stuttgart.de/projects/caif/ChangeLog.txt

for a detailed description of the changes made.

If you wish to be kept informed about new documents released, or updates
made to the existing ones, subscribe to the "caif-announce" mailing
list:

     * caif-announce () Lists CERT Uni-Stuttgart DE

       To subscribe, send email to:
       <caif-announce-subscribe () Lists CERT Uni-Stuttgart DE>

               

Comments are very welcome on the caif-discuss-list:

     * caif-discuss () Lists CERT Uni-Stuttgart DE

       To subscribe, send email to:
       <caif-discuss-subscribe () Lists CERT Uni-Stuttgart DE>


Regards
        Ollie
-- 
Oliver Goebel                        mailto:Goebel () CERT Uni-Stuttgart DE
RUS-CERT Stuttgart University        Tel:+49 711 121-3678 / -3688 (fax)
Breitscheidstr. 2, 70174 Stuttgart   http://CERT.Uni-Stuttgart.DE/


  By Date           By Thread  

Current thread:
  • CAIF 1.2 released Oliver Goebel (May 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]