#######################################################################
Session:       MILE
Date:          5-April-2016
Time:          17:40 - 19:10
Lication:      Quebracho A
Notetake:      Chris Inacio
Jabber scribe: Adam Montville 
Attendees: 20-30 ca.
Agenda and meeting material:
  https://datatracker.ietf.org/meeting/95/agenda.html
Jabber log:
  http://www.ietf.org/jabber/logs/mile/2016-04-05.html
audio record:
  http://www.ietf.org/audio/ietf95/ietf95-quebrachoa-20160405-1730.mp3
#######################################################################


## Working Group Chairs
* Alexy is on his way out, Kathleen to name a replacement

## IODEF-bis
### Roman Danyliw

* Alexy: going to attempt to get Apps Area review of XML
* Take: info-leak: how do you represent that?
	+ Roman: it's now free form text, not agreed upon impact
	+ Waltermire: that's used on ROLIE, would need to have that
	+ Roman: need to capture that issue

## ROLIE draft
### David Waltermire

* Focus on creating alignment of ROLIE draft between MILE & SACM
* Alexy:  Are you going to become a co-editor?
	+ Dave: yes, likely, possibly looking for more - more on that later

* Roman: CSIRT removed from IODEF, replaced with Sec Org
	+ Dave: would want to do that too in ROLIE

* Roman: impact class still exists for system, and is extensible
	+ Dave: okay, makes it easier

* Volunteers for ROLIE draft
	+ Adam Monteville

* Take: Content Repository draft in SACM, how does this relate?
	+ Dave: believe that's expired in SACM


## Implementation Report
### Daisuke Miyamoto

* There are no other reports of implementations of IODEF
* Chairs: Ready to ask for WGLC?
	+ no objections


## XMPP draft
### Nancy Cam-Winget

* Will post draft to MILE working group
* Interested in possibly doing a hack-a-thon on XMPP GRID


## Guidance draft
### Mio Suzuki

* Looking for more feedback and comments

* Chair: Good to use this document to double check IODEF-bis


## Security alerts over the first MILE
### Robert Moskowitz

* Robert: goal is to be resilient to things like DDoS and TCP outage
	+ Nancy: SASL is used to provided strong auth, but control plane and data plane are separated
	+ Nancy: TLS is used in the dataplane for communication
	
* Nancy:  XMPP has a lot of extensions to carry its data plane payload

* Nancy: What problem is supposed to be get solved in MILE?  ANIMA, 6tisch, i2nsf, etc. working on related areas - still not likely the right area.

* Sue Harris (i2rs chair): might fit in i2nsf


* Fleming Andreas: relationship to dots - unclear about relationship between DOTS and MILE?  Why do DOTS requirements apply?
	+ Robert:  Where does information when an event happen come into MILE?  An incident to deliver to MILE.
	+ Fleming: DOTS comms may indicate some type of activity, but they may not be incidents
	+ Dave W: examples?
		* Robert: TCP SYN events

* Roman: Lot of requirements from other WGs being described, but need to state the MILE client/server requirements to judge this.