The IESG has approved the following document: - 'Discovering and Retrieving Software Transparency and Vulnerability Information' (draft-ietf-opsawg-sbom-access-18.txt) as Proposed Standard
This document is the product of the Operations and Management Area Working Group. The IESG contact persons are Warren Kumari and Robert Wilton. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-opsawg-sbom-access/ Technical Summary To improve cybersecurity posture, automation is necessary to locate what software is running on a device, whether that software has known vulnerabilities, and what, if any recommendations suppliers may have. This memo extends the MUD YANG model to provide the locations of software bills of materials (SBOMS) and to vulnerability information. Working Group Summary No, it seemed to go smoothly, and got a few good WG last call reviews. Document Quality The authors indicate that they are working on an implementation. Personnel Rob Wilton is the Responsible AD Qin Wu is the Doc Shepherd. _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce
