{
  "draft": "draft-ietf-opsawg-sbom-access-18",
  "doc_id": "RFC9472",
  "title": "A YANG Data Model for Reporting Software Bills of Materials (SBOMs) and Vulnerability Information",
  "authors": [
    "E. Lear",
    "S. Rose"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "18",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "Operations and Management Area Working Group",
  "abstract": "To improve cybersecurity posture, automation is necessary to locate the software a device is using, whether that software has known vulnerabilities, and what, if any, recommendations suppliers may have.  This memo extends the Manufacturer User Description (MUD) YANG schema to provide the locations of software bills of materials (SBOMs) and vulnerability information by introducing a transparency schema.",
  "pub_date": "October 2023",
  "keywords": [],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9472",
  "errata_url": null
}