Three IANA registrations completed for CSAF v2.0

[Paul Knight <paul.knight@oasis-open.org>]

Hi all,

The CSAF TC recently requested IANA registration for three elements of CSAF v2.0 [1]. These have been approved and are now registered by IANA. Congratulations on achieving this milestone!

The Internet Assigned Numbers Authority (IANA) [2] manages the central registries used in many Internet protocols.

The IANA registries with the new CSAF elements are now available as follows:

Registration of "csaf" and "csaf-aggregator" in the "Well-Known URIs" registry:

-Âhttps://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml

Registration of "CSAF" as an optional field name in the "security.txt Fields" registry:

-Âhttps://www.iana.org/assignments/security-txt-fields/security-txt-fields.xhtml

This is particularly notable as the first and currently only registered field beyond the original eight identified in RFC9116 [2], which defined the usage of "security.txt" to "help organizations describe their vulnerability disclosure practices to make it easier for researchers to report vulnerabilities."

[1] OASIS support tickets:

-Âhttps://issues.oasis-open.org/browse/TCADMIN-4263 - add "csaf-aggregator" to "Well-Known URIs"

-Âhttps://issues.oasis-open.org/browse/TCADMIN-4264 - add "csaf" to "Well-Known URIs"

-Âhttps://issues.oasis-open.org/browse/TCADMIN-4265 - Add field name "CSAF" to security.txt registry

[2]Âhttps://www.iana.org/

[3] https://www.rfc-editor.org/rfc/rfc9116.html

Best regards,

Paul

--

Paul Knight....Document Process Analyst

OASIS...Setting the standard for open collaboration