Qualified Security Advisory Reference (mod_sec)

Abstract

This document describes an RSS extension for distributing security information and defines its tags for RSS 1.0, RSS 2.0 and Atom.

Authors

The members of JVNRSS Feasibility Study Team:

Masato Terada (IPA, JPCERT/CC)
JVN Working Group (JPCERT/CC, IPA)

Version

Latest Version
http://jvnrss.ise.chuo-u.ac.jp/jtg/mod_sec/
V1.0alpha 2005-10-31
http://jvnrss.ise.chuo-u.ac.jp/jtg/mod_sec/1.0a/

Status

Proposed

Comments should be directed to the JVN Working Group.

Rights

Copyright © 2005 - 2007 by the Authors.

Permission to use, copy, modify and distribute the mod_sec Specification and its accompanying documentation for any purpose and without fee is hereby granted in perpetuity, provided that the above copyright notice and this paragraph appear in all copies. The copyright holders make no representation about the suitability of the specification for any purpose. It is provided "as is" without expressed or implied warranty.

This copyright applies to the mod_sec Specification and accompanying documentation and does not extend to the mod_sec format itself.

Table of Contents

1. Overview
2. Namespace Declarations
3. Syntax
3.1 <sec:references>
3.2 <sec:identifier>
3.3 <sec:item>
4. Examples
4.1 RSS 1.0 + <sec:references> and <sec:identifier>
4.2 RSS 2.0 + <sec:references> and <sec:identifier>
4.3 Atom + <sec:references> and <sec:identifier>
4.4 RSS 1.0 + <sec:item>
5. Resources
6. Acknowledgements

1. Overview

2. Namespace Declarations

xmlns:sec="http://jvn.jp/rss/mod_sec/"

3. Syntax

3.1 <sec:references>

sec:references is an element that gives the best reference (CVE, CERT Advisory, CERT Vulnerability Note, US-CERT Technical Alert etc.) to related security information.

<sec:references sec:source="%name" sec:id="%id">%ResourceReference</sec:references>

%name: An attribute giving the abbreviated name of the source that provides the best reference, such as CVE, JPCERT, CERT, CIAC, BID, CERT-VN, MS, OSVDB, XF etc.
%id: An attribute giving the unique identifier assigned by sec:source, such as VU#105259, MS01-044, CVE-2001-0525, CA-2001-14, TA05-111A etc.
%ResourceReference: The element value, a URI reference to a resource.

3.2 <sec:identifier>

sec:identifier is an element that carries the unique identifier assigned by the vendor.

<sec:identifier>%id</sec:identifier>

%id: The unique identifier assigned by the vendor, such as "Cisco Security Advisory ID#50960", HPSBMA01234 etc.

Reference Name                                      Assigned abbreviation of %name  Example of %id
--------------------------------------------------  ------------------------------  ---------------------------------------------
CERT Advisory                                       CERT                            CA-2003-04
US-CERT Cyber Security Alerts                       CERT-SA                         SA06-275A
US-CERT Vulnerability Note                          CERT-VN                         VU#884076
US-CERT Technical Cyber Security Alert              CERT-TA                         TA06-312A
National Vulnerability Database (NVD)               NVD                             CVE-2005-2177
CIAC Bulletins                                      CIAC                            R-125
AUSCERT                                             AUSCERT                         AA-2004.02, AL-2007.0015
NISCC Vulnerability Advisory                        NISCC                           144154/NISCC/DNS, 729618/NISCC/PARASITIC-KEYS
Common Vulnerabilities and Exposures (CVE)          CVE                             CVE-2005-2177
Open Vulnerability and Assessment Language (OVAL)   OVAL                            3989
Secunia Advisory                                    SECUNIA                         SA15930
Security Focus                                      BID                             14168
ISS X-Force Database                                XF                              29338
OPEN SOURCE VULNERABILITY DATABASE (OSVDB)          OSVDB                           29788
ISS Security Alerts and Advisories                  ISS                             233
SecurityTracker                                     SECTRACK                        1017288
SecuriTeam                                          SECTEAM                         6W00L00C1S
FrSIRT Advisories                                   FRSIRT                          FrSIRT/ADV-2006-4654
The SANS Institute Diary                            SANS                            1290
Other                                               Other                           Other

3.3 <sec:item>

sec:item is an extended JVNRSS format that nests RSS 1.0/2.0 items.

<sec:item>(item*)</sec:item>

(item*): The nested set of RSS items.

4. Examples

4.1 RSS 1.0 + <sec:references> and <sec:identifier>

<?xml version="1.0" encoding="utf-8" ?>
<rdf:RDF 
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
  xmlns="http://purl.org/rss/1.0/"
  xmlns:dc="http://purl.org/dc/elements/1.1/"
  xmlns:dcterms="http://purl.org/dc/terms/"
  xmlns:sec="http://jvn.jp/rss/mod_sec/"
>

 <channel rdf:about="http://jvn.jp/rss/jvnJPRSS.rdf">
  <title>JVNRSS Feed</title>
  <link>http://jvn.jp/jp/</link>
  <description>JP Vendor Status Notes - JP</description>
  <dc:publisher>JVN</dc:publisher>
  <dc:creator>jvn@jvn.jp</dc:creator>
  <dcterms:issued>2005-05-01T08:00+09:00</dcterms:issued>
  <dcterms:modified>2005-06-18T08:23+09:00</dcterms:modified>
  <items>
   <rdf:Seq>
    <rdf:li rdf:resource="http://jvn.jp/jp/JVN%2312345678" />
    <rdf:li rdf:resource="http://jvn.jp/jp/JVN%2300ABCDEF" />
   </rdf:Seq>
  </items>
 </channel>

 <item rdf:about="http://jvn.jp/jp/JVN%2312345678">
  <title>JVN Qualified Security Advisory Reference #12345678</title>
  <link>http://jvn.jp/jp/JVN%2312345678</link>
  <description>This example is description about Qualified 
               Security advisory Reference #12345678</description>
  <dc:publisher>JVN</dc:publisher>
  <dc:creator>jvn@jvn.jp</dc:creator>
  <dcterms:issued>2005-05-22T14:00+09:00</dcterms:issued>
  <dcterms:modified>2005-06-18T08:23+09:00</dcterms:modified>
  <sec:identifier>JVN#12345678</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0522">
   http://www.jpcert.or.jp/at/2005/at050522.txt</sec:references>
 </item>

 <item rdf:about="http://jvn.jp/jp/JVN%2300ABCDEF">
  <title>JVN Qualified Security Advisory Reference #00ABCDEF</title>
  <link>http://jvn.jp/jp/JVN%2300ABCDEF</link>
  <description>This example is description about Qualified 
               Security Advisory Reference #00ABCDEF</description>
  <dc:publisher>JVN</dc:publisher>
  <dc:creator>jvn@jvn.jp</dc:creator>
  <dcterms:issued>2005-05-01T08:00+09:00</dcterms:issued>
  <dcterms:modified>2005-05-31T22:22+09:00</dcterms:modified>
  <sec:identifier>JVN#00ABCDEF</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0501">
   http://www.jpcert.or.jp/at/2005/at050501.txt</sec:references>
 </item>

</rdf:RDF>

4.2 RSS 2.0 + <sec:references> and <sec:identifier>

<?xml version="1.0" encoding="utf-8" ?>
<rss version="2.0"
 xmlns:sec="http://jvn.jp/rss/mod_sec/"
>

 <channel>
  <title>JVNRSS Feed</title>
  <link>http://jvn.jp/jp/</link>
  <description>JP Vendor Status Notes - JP</description>
  <pubDate>Sun, 01 May 2005 08:00:00 +0900</pubDate>
  <lastBuildDate>Sat, 18 Jun 2005 08:23:00 +0900</lastBuildDate>

  <item>
   <title>JVN Qualified Security Advisory Reference #12345678</title>
   <link>http://jvn.jp/jp/JVN%2312345678</link>
   <description>This example is description about Qualified 
                Security Advisory Reference #12345678</description>
   <author>JVN</author>
   <pubDate>Sat, 18 Jun 2005 08:23:00 +0900</pubDate>
   <sec:identifier>JVN#12345678</sec:identifier>
   <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0522">
    http://www.jpcert.or.jp/at/2005/at050522.txt</sec:references>
  </item>

  <item>
   <title>JVN's Qualified Security Advisory Reference #00ABCDEF</title>
   <link>http://jvn.jp/jp/JVN%2300ABCDEF</link>
   <description>This example is description about Qualified 
                Security Advisory Reference #00ABCDEF</description>
   <author>JVN</author>
   <pubDate>Tue, 31 May 2005 22:22:00 +0900</pubDate>
   <sec:identifier>JVN#00ABCDEF</sec:identifier>
   <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0501">
    http://www.jpcert.or.jp/at/2005/at050501.txt</sec:references>
  </item>

 </channel>
</rss>

4.3 Atom + <sec:references> and <sec:identifier>

<?xml version="1.0" encoding="utf-8" ?>
<feed xmlns="http://www.w3.org/2005/Atom"
      xmlns:sec="http://jvn.jp/rss/mod_sec/"
>

 <id>http://jvn.jp/jp/</id>
 <title>JVNRSS Feed</title>
 <link rel="alternate" type="text/html" href="http://jvn.jp/jp/"/>
 <link rel="self" type="application/atom+xml" href="http://jvn.jp/jp/index.atom"/>
 <subtitle>JP Vendor Status Notes - JP</subtitle>
 <updated>2005-06-18T08:23+09:00</updated>
 <author>
  <name>JVN</name>
  <email>jvn@jvn.jp</email>
  <uri>http://jvn.jp/</uri>
 </author>

 <entry>
  <title>JVN Qualified Security Advisory Reference #12345678</title>
  <link rel="alternate" type="text/html" href="http://jvn.jp/jp/JVN%2312345678"/>
  <id>http://jvn.jp/jp/JVN%2312345678</id>
  <summary type="text">This example is description about Qualified 
                       Security Advisory Reference #12345678</summary>
  <published>2005-05-22T14:00+09:00</published>
  <updated>2005-06-18T08:23+09:00</updated>
  <author>
   <name>JVN</name>
   <email>jvn@jvn.jp</email>
   <uri>http://jvn.jp/</uri>
  </author>
  <sec:identifier>JVN#12345678</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0522">
   http://www.jpcert.or.jp/at/2005/at050522.txt</sec:references>
 </entry>

 <entry>
  <title>JVN's Qualified Security Advisory Reference 02</title>
  <link rel="alternate" type="text/html" href="http://jvn.jp/jp/JVN%2300ABCDEF"/>
  <id>http://jvn.jp/jp/JVN%2300ABCDEF</id>
  <summary type="text">This example is description about Qualified 
                       Security Advisory Reference #00ABCDEF</summary>
  <published>2005-05-01T08:00+09:00</published>
  <updated>2005-05-31T22:00+09:00</updated>
  <author>
   <name>JVN</name>
   <email>jvn@jvn.jp</email>
   <uri>http://jvn.jp/</uri>
  </author>
  <sec:identifier>JVN#00ABCDEF</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0501">
   http://www.jpcert.or.jp/at/2005/at050501.txt</sec:references>
 </entry>

</feed>

4.4 RSS 1.0 + <sec:item>

<?xml version="1.0" encoding="utf-8" ?>
<rdf:RDF 
  xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 
  xmlns="http://purl.org/rss/1.0/"
  xmlns:dc="http://purl.org/dc/elements/1.1/"
  xmlns:dcterms="http://purl.org/dc/terms/"
  xmlns:sec="http://jvn.jp/rss/mod_sec/"
>

 <channel rdf:about="http://jvn.jp/rss/jvnJPRSS.rdf">
  <title>JVNRSS Feed</title>
  <link>http://jvn.jp/jp/</link>
  <description>JP Vendor Status Notes - JP</description>
  <dc:publisher>JVN</dc:publisher>
  <dc:creator>jvn@jvn.jp</dc:creator>
  <dcterms:issued>2005-05-01T08:00+09:00</dcterms:issued>
  <dcterms:modified>2005-06-18T08:23+09:00</dcterms:modified>
  <items>
   <rdf:Seq>
    <rdf:li rdf:resource="http://jvn.jp/jp/JVN%2312345678" />
    <rdf:li rdf:resource="http://jvn.jp/jp/JVN%2300ABCDEF" />
   </rdf:Seq>
  </items>
 </channel>

 <item rdf:about="http://jvn.jp/jp/JVN%2312345678">
  <title>JVN Qualified Security Advisory Reference #12345678</title>
  <link>http://jvn.jp/jp/JVN%2312345678</link>
  <description>This example is description about Qualified 
               Security advisory Reference #12345678</description>
  <dc:publisher>JVN</dc:publisher>
  <dc:creator>jvn@jvn.jp</dc:creator>
  <dcterms:issued>2005-05-22T14:00+09:00</dcterms:issued>
  <dcterms:modified>2005-06-18T08:23+09:00</dcterms:modified>
  <sec:identifier>JVN#12345678</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0522">
   http://www.jpcert.or.jp/at/2005/at050522.txt</sec:references>
  <sec:item>

    <item rdf:about="http://www.ipa.go.jp/alerts/99999999.html">
     <title>JVN Nested Item #99999999</title>
     <link>http://example.jp/alerts/99999999.html</link>
     <description>This example is description about Qualified 
                  Security advisory Reference #99999999</description>
     <dc:publisher>Example Ltd.</dc:publisher>
     <dc:creator>example@example.jp</dc:creator>
     <dcterms:issued>2005-05-23T15:15+09:00</dcterms:issued>
     <dcterms:modified>2005-05-23T15:15+09:00</dcterms:modified>
     <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0522">
      http://www.jpcert.or.jp/at/2005/at050522.txt</sec:references>
    </item>

    <item rdf:about="http://example.jp/alerts/AAAAAAAA.html">
     <title>JVN Nested Item #AAAAAAAA</title>
     <link>http://example.jp/alerts/AAAAAAAA.html</link>
     <description>This example is description about Qualified 
                  Security advisory Reference #AAAAAAAA</description>
     <dc:publisher>Example Ltd.</dc:publisher>
     <dc:creator>example@example.jp</dc:creator>
     <dcterms:issued>2005-05-28T01:28+09:00</dcterms:issued>
     <dcterms:modified>2005-05-28T01:28+09:00</dcterms:modified>
     <sec:references sec:source="JVN" sec:id="JVN#12345678">
      http://jvn.jp/jp/JVN%2312345678</sec:references>
    </item>

  </sec:item>
 </item>

 <item rdf:about="http://jvn.jp/jp/JVN%2300ABCDEF">
  <title>JVN Qualified Security Advisory Reference #00ABCDEF</title>
  <link>http://jvn.jp/jp/JVN%2300ABCDEF</link>
  <description>This example is description about Qualified 
               Security Advisory Reference #00ABCDEF</description>
  <dc:publisher>JVN</dc:publisher>
  <dc:creator>jvn@jvn.jp</dc:creator>
  <dcterms:issued>2005-05-01T08:00+09:00</dcterms:issued>
  <dcterms:modified>2005-05-31T22:22+09:00</dcterms:modified>
  <sec:identifier>JVN#00ABCDEF</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0501">
   http://www.jpcert.or.jp/at/2005/at050501.txt</sec:references>
 </item>

</rdf:RDF>
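
The following Python example is added here and is not part of the mod_sec specification or any JVN code. It reads sec:identifier, sec:references and nested sec:item (sections 3.1 to 3.3) from an RSS 1.0, RSS 2.0 or Atom feed and reports references whose sec:source is not an abbreviation named on this page or whose URI is not http(s). The function names, the DOCTYPE refusal and the http(s) allow-list are assumptions of the example, not requirements of the specification.

```python
import xml.etree.ElementTree as ET

SEC = "{http://jvn.jp/rss/mod_sec/}"
# sec:source abbreviations that appear on this page (section 3 text and table, section 4).
KNOWN_SOURCES = set("""CERT CERT-SA CERT-VN CERT-TA NVD CIAC AUSCERT NISCC CVE OVAL SECUNIA
    BID XF OSVDB ISS SECTRACK SECTEAM FRSIRT SANS Other JPCERT MS JVN""".split())

def _is_item(el):
    # RSS 1.0/2.0 <item> or Atom <entry>, but not the <sec:item> wrapper itself.
    return not el.tag.startswith(SEC) and el.tag.rsplit("}", 1)[-1] in ("item", "entry")

def _top_items(el):
    for child in el:  # stop at each item so nested ones are only reached via <sec:item>
        yield from [child] if _is_item(child) else _top_items(child)

def _parse_item(el):
    refs, problems = [], []
    for r in el.findall(SEC + "references"):
        src, rid = r.get(SEC + "source"), r.get(SEC + "id")
        uri = (r.text or "").strip()  # the page's examples wrap the URI onto its own line
        if not src or not rid:
            problems.append("sec:references lacks sec:source or sec:id")
        elif src not in KNOWN_SOURCES:
            problems.append(f"unknown sec:source {src!r}")
        if not uri.lower().startswith(("http://", "https://")):  # it will be shown as a link
            problems.append(f"reference URI is not http(s): {uri!r}")
        refs.append({"source": src, "id": rid, "uri": uri})
    nested = [_parse_item(c) for w in el.findall(SEC + "item") for c in w if _is_item(c)]
    ident = (el.findtext(SEC + "identifier") or "").strip() or None
    return {"identifier": ident, "references": refs, "nested": nested, "problems": problems}

def parse_mod_sec(feed_xml):
    if "<!DOCTYPE" in feed_xml:  # a feed needs no DTD; refuse entity definitions outright
        raise ValueError("DOCTYPE not allowed in feed")
    return [_parse_item(i) for i in _top_items(ET.fromstring(feed_xml))]

# Constructed sample in the section 4.4 layout; "ACME", "X-1" and the ftp URI are made up.
SAMPLE = """<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  xmlns="http://purl.org/rss/1.0/" xmlns:sec="http://jvn.jp/rss/mod_sec/">
 <item rdf:about="http://jvn.jp/jp/JVN%2312345678">
  <sec:identifier>JVN#12345678</sec:identifier>
  <sec:references sec:source="JPCERT" sec:id="JPCERT-AT-2005-0522">
   http://www.jpcert.or.jp/at/2005/at050522.txt</sec:references>
  <sec:item><item rdf:about="http://example.jp/alerts/AAAAAAAA.html">
   <sec:references sec:source="ACME" sec:id="X-1">ftp://example.jp/x</sec:references>
  </item></sec:item>
 </item>
</rdf:RDF>"""
```

Calling parse_mod_sec(SAMPLE) returns one top-level advisory with a clean JPCERT reference and one nested item carrying two entries in "problems".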

5. Resources

6. Acknowledgements

The JVNRSS Feasibility Study Team thanks the following for working with us and for their continued discussion and input.