| rfc9472v4.txt | rfc9472.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) E. Lear | Internet Engineering Task Force (IETF) E. Lear | |||
| Request for Comments: 9472 Cisco Systems | Request for Comments: 9472 Cisco Systems | |||
| Category: Standards Track S. Rose | Category: Standards Track S. Rose | |||
| ISSN: 2070-1721 NIST | ISSN: 2070-1721 NIST | |||
| September 2023 | October 2023 | |||
| A YANG Data Model for Reporting Software Bills of Materials (SBOMs) and | A YANG Data Model for Reporting Software Bills of Materials (SBOMs) and | |||
| Vulnerability Information | Vulnerability Information | |||
| Abstract | Abstract | |||
| To improve cybersecurity posture, automation is necessary to locate | To improve cybersecurity posture, automation is necessary to locate | |||
| the software a device is using, whether that software has known | the software a device is using, whether that software has known | |||
| vulnerabilities, and what, if any, recommendations suppliers may | vulnerabilities, and what, if any, recommendations suppliers may | |||
| have. This memo extends the Manufacturer User Description (MUD) YANG | have. This memo extends the Manufacturer User Description (MUD) YANG | |||
| skipping to change at line 374 ¶ | skipping to change at line 374 ¶ | |||
| "RFC 9110: HTTP Semantics"; | "RFC 9110: HTTP Semantics"; | |||
| } | } | |||
| identity coap { | identity coap { | |||
| base mudtx:local-type; | base mudtx:local-type; | |||
| description | description | |||
| "Use COAP (RFC 7252) (insecure) to retrieve SBOM. This method | "Use COAP (RFC 7252) (insecure) to retrieve SBOM. This method | |||
| is NOT RECOMMENDED, although it may be unavoidable | is NOT RECOMMENDED, although it may be unavoidable | |||
| for certain classes of implementations/deployments."; | for certain classes of implementations/deployments."; | |||
| reference | reference | |||
| "RFC 7252: The Constrained Application Protocol (CoAP)”; | "RFC 7252: The Constrained Application Protocol (CoAP)"; | |||
| } | } | |||
| identity coaps { | identity coaps { | |||
| base mudtx:local-type; | base mudtx:local-type; | |||
| description | description | |||
| "Use COAPS (secure) to retrieve SBOM (RFC 7252)."; | "Use COAPS (secure) to retrieve SBOM (RFC 7252)."; | |||
| } | } | |||
| grouping transparency-extension { | grouping transparency-extension { | |||
| description | description | |||
| End of changes. 2 change blocks. | ||||
| 2 lines changed or deleted | 2 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||