ROLIE - Resource-Oriented Lightweight Information Exchange
The Resource Orientated Lightweight Information Exchange (ROLIE) protocol provides a standardized mechanism for an SCAP Content Repository that allows security automation content to be discovered, syndicated, and exchanged. ROLIE is a profile of the Atom Syndication Format and the Atom Publication Protocol. SCAP Content Repository implementations based on ROLIE will provide organized collections of SCAP content, vulnerability records, and other security automation data used to automate the collection and evaluation of endpoint posture. (RFC: 8322)
ROLIE is basically notification network protocol for SCAP files. ROLIE is a profile of XML/Atom to for an SCAP Content Repository that allows security automation content to be discovered, syndicated, and exchanged.
Alberto Explains
ROLIE is like repomd.xml for SCAP files or like RSS feed for SCAP files. In fact, it is an extension to the Atom format.
Unfortunatelly, it has the same issue as the RSS/Atom ecosystem. It is hard to monetize, thus vendors rarely publish Rolie feed for the SCAP data.
Key Online Resources
- RFC: 8322, Resource-Oriented Lightweight Information Exchange (ROLIE) [Published: February 2018]
- Rolie, Github Repository [Online, 2024-04-03]
- Golie, Golang implementation of ROLIE [Online, 2024-04-03]
- MILE: Managed Incident Lightweight Exchange, Concluded IETF Working Group [Online, 2024-04-03]