CAIF is an XML-based format to store and exchange security announcements in a normalized way. It provides a basic but comprehensive set of elements that is designed to describe the main aspects of an issue related to security. The set of elements can easily be extended to reflect either temporary, exotic or new requirements in a per-document manner. Besides addressing more than one problem within a single document the format allows to group information for more than one target group of readers as well as multi-lingual textual descriptions within one document. This can be used to selectively produce different renderings of an announcement for the intended target groups addressing one, a sub-set, or all problems multi- or mono-lingual in the languages provided.
Note, that the last digit in the version number increments whenever there are made minor changes regarding the wording or layout. Major releases increment the second digit. And a complete overhaul will increment the first digit.
Additional documents will follow.
There are two mailing lists for CAIF:
Copyright © 2005 - 2006 RUS-CERT, University of Stuttgart, Germany