> There are a couple proposals out there, but I don't think they've
> gotten as much attention as they deserve:
>
> Common Advisory Interchange Format
>
http://cert.uni-stuttgart.de/files/caif/requirements/split/requirements.
html
>
>
> Advisory and Notification Markup Language (ANML)
> http://www.opensec.org/anml/
>
I would also add to the list the
EISPP Common Advisory Format Description?, (EISPP-D3-001-TR), version
1.2, 28 march 2003 http://www.eispp.org/commonformat.pdf
Even if this one is slightly biased towards CERTs it could be used by
vendors too.
> There are a couple proposals out there, but I don't think they've
> gotten as much attention as they deserve:
>
> Common Advisory Interchange Format
>
http://cert.uni-stuttgart.de/files/caif/requirements/split/requirements.
html
>
>
> Advisory and Notification Markup Language (ANML)
> http://www.opensec.org/anml/
>
I would also add to the list the
EISPP Common Advisory Format Description?, (EISPP-D3-001-TR), version
1.2, 28 march 2003 http://www.eispp.org/commonformat.pdf
Even if this one is slightly biased towards CERTs it could be used by
vendors too.
Regards
Javier Fernandez-Sanguino
[ reply ]