IETF Logo Mail Archive

Re: [Cacao] [EXT] Re: [EXT] RE: Charter

"Jyoti Verma (jyoverma)" <jyoverma@cisco.com> Fri, 21 June 2019 08:36 UTC

Return-Path: <jyoverma@cisco.com>
X-Original-To: cacao@ietfa.amsl.com
Delivered-To: cacao@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B57ED120192 for <cacao@ietfa.amsl.com>; Fri, 21 Jun 2019 01:36:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Vg8uLxV4; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=QI/uwBCJ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RvqlT9sJCbzw for <cacao@ietfa.amsl.com>; Fri, 21 Jun 2019 01:36:32 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4964812018E for <cacao@ietf.org>; Fri, 21 Jun 2019 01:36:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=38409; q=dns/txt; s=iport; t=1561106191; x=1562315791; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=yIfQhCvX21jszceHt0J8DFKeceA65keZ+dgwGeFklSI=; b=Vg8uLxV4LRXCGE547H1b9xsQ/c0byI2bEsKAIW3bgzN8Gyth9p1T4RTE frMmSby+XVrsDngAfEIY9igsVFqqgYGfQUNYTCqFsecVuMnbYBii1uufm 65q+QkX4bjYTCnkwqKUhOs6ZdifM9/tC2wRS7xccFyXLsI7+jasl6cTLq E=;
IronPort-PHdr: 9a23:ojoHnhBqbR+gNVteAQgQUyQJPHJ1sqjoPgMT9pssgq5PdaLm5Zn5IUjD/qs03kTRU9Dd7PRJw6rNvqbsVHZIwK7JsWtKMfkuHwQAld1QmgUhBMCfDkiuLu/tcSEgGc1qX15+9Hb9Ok9QS47z
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AIAABUlgxd/5NdJa1lGgEBAQEBAgEBAQEHAgEBAQGBUwUBAQEBCwGBFC9QA2pVIAQLKIQWg0cDhFKKD4JbiUWNcoEugSQDVAkBAQEMAQEtAgEBhEACF4JHIzQJDgEDAQEEAQECAQVtijcMhUoBAQEEEhEdAQEqCgMBDwIBCBEDAQIhAQYDAgICHxEUCQgCBAENBRsEA4MAAYEdTQMdAQKdKwKBOIhfcYExH4JaAQEFhH4NC4IRCYE0AYtdF4FAP4ERJx+CTD6CGoJKFoJUMoImi3EGJA+CHoR5I4IDhiyNAiw/CQKCEosuhEODbhuCKIcMimiDKI0kiReNZAIEAgQFAg4BAQWBUDiBWHAVZQGCQYJBg3CKU3KBKY4OAQE
X-IronPort-AV: E=Sophos;i="5.63,399,1557187200"; d="scan'208,217";a="582103233"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 21 Jun 2019 08:36:27 +0000
Received: from XCH-ALN-015.cisco.com (xch-aln-015.cisco.com [173.36.7.25]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id x5L8aR5D027821 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 21 Jun 2019 08:36:27 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-ALN-015.cisco.com (173.36.7.25) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 21 Jun 2019 03:36:27 -0500
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 21 Jun 2019 03:36:26 -0500
Received: from NAM03-CO1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 21 Jun 2019 04:36:26 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yIfQhCvX21jszceHt0J8DFKeceA65keZ+dgwGeFklSI=; b=QI/uwBCJ9WKfT0JpmFYEJvhrBjdDfY2rlFIN4mrq/puLWcs61+E4KLbhDBvS4vmhWFMoDadc0vkhrPqzI4RqQaLgF+y3uaz39GI3rZRI7UDq+do7treZuvnLVDwl7r5nPeYpsrR+5F2p7oL13GIurQK4Ro4D4Lg4iZHVlJG5XDE=
Received: from BYAPR11MB3029.namprd11.prod.outlook.com (20.177.225.90) by BYAPR11MB3237.namprd11.prod.outlook.com (20.177.184.74) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2008.13; Fri, 21 Jun 2019 08:36:23 +0000
Received: from BYAPR11MB3029.namprd11.prod.outlook.com ([fe80::d87f:7f47:8482:a7ee]) by BYAPR11MB3029.namprd11.prod.outlook.com ([fe80::d87f:7f47:8482:a7ee%7]) with mapi id 15.20.1987.014; Fri, 21 Jun 2019 08:36:23 +0000
From: "Jyoti Verma (jyoverma)" <jyoverma@cisco.com>
To: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, Bret Jordan <jordan.ietf@gmail.com>
CC: Bret Jordan <Bret_Jordan@symantec.com>, "cacao@ietf.org" <cacao@ietf.org>, Allan Thomson <athomson@lookingglasscyber.com>
Thread-Topic: [Cacao] [EXT] Re: [EXT] RE: Charter
Thread-Index: AQHVJeH3taRs0Jjn60yUJM0gvhHTF6aheQuAgACC9ICAAI2iAIAACogAgAAKToCAAArHgIAAF0qAgAATCoCAAAQVAIAABHCAgAAHQwCAAVsHAIAANyoAgAEghAD//8GjAA==
Date: Fri, 21 Jun 2019 08:36:23 +0000
Message-ID: <F66C50A3-69D2-4B09-90CD-FEA5C4DED4BC@cisco.com>
References: <BYAPR16MB30133C3DAF3CF2060CE4B565EDEA0@BYAPR16MB3013.namprd16.prod.outlook.com> <787AE7BB302AE849A7480A190F8B93302EAA890F@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <BYAPR16MB30137AC9C00633E80C7C8D65EDEA0@BYAPR16MB3013.namprd16.prod.outlook.com> <779CCF55-FABB-4BA1-9D84-1D9761A32944@tzi.org> <BYAPR16MB30139D44233E0256099264DCEDEA0@BYAPR16MB3013.namprd16.prod.outlook.com> <25088b69-1225-3f3c-b0e2-38e25f1f48fb@article19.org> <A7038D6C-C1C3-4B6A-B928-AC87F7A87AFC@gmail.com> <6130.1560896363@dooku.sandelman.ca> <634A811D-3674-42ED-A46F-9CDD8EFD5CEE@symantec.com> <787AE7BB302AE849A7480A190F8B93302EAA8FE0@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <B29832F6-8239-498C-A65D-A22B70A4A691@gmail.com> <787AE7BB302AE849A7480A190F8B93302EAA905B@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <05E3F9C3-20C6-47E4-9B68-DE9D81D9C358@lookingglasscyber.com> <787AE7BB302AE849A7480A190F8B93302EAA917C@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <92A6388D-ED3D-4B77-BA01-AE97E201681F@symantec.com> <787AE7BB302AE849A7480A190F8B93302EAA91C9@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <A8E5A7FB-F771-477C-90E5-4E2DE4FA69E6@gmail.com> <787AE7BB302AE849A7480A190F8B93302EAA9CD5@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <3DF37C63-B813-4D7E-8AD0-0BF038899E34@gmail.com> <787AE7BB302AE849A7480A190F8B93302EAAA500@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
In-Reply-To: <787AE7BB302AE849A7480A190F8B93302EAAA500@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.20.0.170309
authentication-results: spf=none (sender IP is ) smtp.mailfrom=jyoverma@cisco.com;
x-originating-ip: [2001:420:c0c8:1002::1c9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 4a2d7af8-980a-4af1-f9ad-08d6f6238b05
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BYAPR11MB3237;
x-ms-traffictypediagnostic: BYAPR11MB3237:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR11MB32374433844F8E8B4A001082D1E70@BYAPR11MB3237.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-forefront-prvs: 0075CB064E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(396003)(346002)(376002)(366004)(39860400002)(189003)(199004)(66556008)(5660300002)(36756003)(76176011)(99286004)(73956011)(186003)(66946007)(66446008)(2906002)(6506007)(53546011)(8676002)(81156014)(81166006)(9326002)(8936002)(7736002)(71190400001)(71200400001)(102836004)(66476007)(86362001)(25786009)(2501003)(53936002)(14444005)(256004)(561944003)(33656002)(54896002)(6512007)(236005)(6306002)(6436002)(229853002)(64756008)(6486002)(476003)(486006)(2616005)(446003)(11346002)(110136005)(54906003)(58126008)(4326008)(316002)(76116006)(6116002)(478600001)(6246003)(68736007)(46003)(14454004); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR11MB3237; H:BYAPR11MB3029.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: gAjG1Fgc1K5KvqY5Qt2AQk1fh0YmNSHDe39OSKe66KeGUOIjhLEotj7Ylu1ErTPjU8wTBrB/kpQvagP+iI37GT6uC+v8h2Z92KbrwebYYFdZssnca4SNjLa5BBcrJ57MzyJbQw91heU94S9mlh0tBON3u/BA2n+p5BnOZ1PKY9hMM29fufxhYV0xKu0CSBVwttAOZbImyO6Y8HUnzbGPJ1UYu+1pE0V+QJ4CEeJsSghVBqIGkue59lpsRlDUA3W2Wy9dLONIn7lKz6jG1QOz8fqrk6FLLcqBjVERfrVePiTXVzMfiL34X2nkG/JEsn+24uMwhxSqtV0r5Sd2mH0+sgD0lUV5T2pXyKZ7kvpCevWEeDlMiXEVvyhfzO0I3AfcyIoU/mDRW4MT2e9M6lefV0zsa+LeZcQSZZ7PQ1EM6kc=
Content-Type: multipart/alternative; boundary="_000_F66C50A369D24B0990CDFEA5C4DED4BCciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 4a2d7af8-980a-4af1-f9ad-08d6f6238b05
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jun 2019 08:36:23.4619 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: jyoverma@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR11MB3237
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.25, xch-aln-015.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/cacao/rAtlZEP6cZaglpUnHKjc9ejE8BI>
Subject: Re: [Cacao] [EXT] Re: [EXT] RE: Charter
X-BeenThere: cacao@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Collaborative Automated Course of Action Operations <cacao.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cacao>, <mailto:cacao-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cacao/>
List-Post: <mailto:cacao@ietf.org>
List-Help: <mailto:cacao-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cacao>, <mailto:cacao-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Jun 2019 08:36:36 -0000

Hi Med,

I don’t see why YANG or any other modeling language couldn’t be used to model playbooks but defining the modeling spec such as any YANG models for CACAO should not be in scope for the working group IMO. The core of the work should be to define the data model for the playbooks in JSON along with the protocol for sharing them.

Thanks,
Jyoti

From: Cacao <cacao-bounces@ietf.org> on behalf of "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>
Date: Thursday, June 20, 2019 at 10:19 PM
To: Bret Jordan <jordan.ietf@gmail.com>
Cc: Bret Jordan <Bret_Jordan@symantec.com>, "cacao@ietf.org" <cacao@ietf.org>, Allan Thomson <athomson@lookingglasscyber.com>
Subject: Re: [Cacao] [EXT] Re: [EXT] RE: Charter

Bret,

Please don’t get paranoid :-)

I raised that question because I suspect a disconnect between two of us. For example, when you say “YANG my take off at some point”, I don’t parse that especially in reference to my proposal to use YANG for data modeling * not * for application data encoding. The use of YANG will allow to easily map to JSON object, CBOR, etc.

I won’t reiterate the comments made by Carsten.

Cheers,
Med

De : Bret Jordan [mailto:jordan.ietf@gmail.com]
Envoyé : jeudi 20 juin 2019 14:07
À : BOUCADAIR Mohamed TGI/OLN
Cc : Bret Jordan; Allan Thomson; cacao@ietf.org
Objet : Re: [Cacao] [EXT] Re: [EXT] RE: Charter

Mohamed,

I am not sure I fully understand your question or what you are trying to get me to say.  As such I do not want to respond in a way that is going to be wrong.  So let me try and explain how I see this working and see if it resolves your question.

The data model will consist of a series of property tables that are defined using JSON data types.

Example:

Property Name              | Type    | Description
name (required)            | string  | The name of this action
created (required)         | string  | The time that this action was created in RFC 3339
sequence_number (optional) | integer | The number …..

All examples will also be in JSON

{
  “name” : “deny ip”,
  “created” : “2019-06-20T12:12:12.123”,
  “sequence_number” : 1
}


All interoperability tests will require that tools support JSON.

If someone want to take the property tables and write a solution for Protobuf, that is their choice.  But they would not be able to claim they are compliant or conformant with the spec if they do not support JSON.  The whole purpose is to get wide scale adoption.


Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."



On Jun 20, 2019, at 10:49 AM, mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com> wrote:

Hi Bret,

You didn’t answered my question : “Are you referring to application encoding or data modelling part?”.

In your reply, you are suggesting that versions can be considered … which implies that handling versioning will be a requirement. The data model should allow for such feature + easily allow to augment whatever initial version of that module. YANG, used for data modelling, makes a lot of sense here.

You also suggest that future encodings may be defined…which suggests that whatever solution that will be specified will need to handle such capability.

Cheers,
Med

De : Bret Jordan [mailto:jordan.ietf@gmail.com]
Envoyé : mercredi 19 juin 2019 14:07
À : BOUCADAIR Mohamed TGI/OLN
Cc : Bret Jordan; Allan Thomson; cacao@ietf.org<mailto:cacao@ietf.org>
Objet : Re: [Cacao] [EXT] Re: [EXT] RE: Charter

The initial version needs to be done in JSON, if we want the market as a whole to adopt this. I have walked the floor at RSA and Blackhat for the past 2 years talking to all of the vendors that would potentially implement this.  They all say the same thing.  If it was JSON, they could easily do it.  If it is something else, well, maybe, maybe not.  We would then be reliant on market pressure and consumers to influence vendors to adopt.  That can take 10 years or more. Usually by then, the standard is failed and the market has moved on.  Let us not be yet another standard on the dusty shelves of of the SDO Library.

Further, anything not JSON would require the Web2.0 world of products and APIs to support something totally different.  CBOR may take off at some point.  YANG my take off at some point.  XML may come back from the dead. But right now, today, JSON is the model that the developers of products use and know. Adding additional hurtles for the solution to be adopted is not a good idea for this first version.

Overtime, once we get our first versions done and out the door and they get adopted, we can make changes or add functionality based on market demand.  If the market comes back and says, hey, we really need this done in a binary format like Protobuf, then great.  We can write a binding for that.



Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."




On Jun 19, 2019, at 1:41 PM, mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com> wrote:

Re-,

Please see inline.

Cheers,
Med

De : Bret Jordan [mailto:Bret_Jordan@symantec.com]
Envoyé : mercredi 19 juin 2019 13:26
À : BOUCADAIR Mohamed TGI/OLN
Cc : Allan Thomson; Bret Jordan; cacao@ietf.org<mailto:cacao@ietf.org>
Objet : Re: [Cacao] [EXT] Re: [EXT] RE: Charter

I fundamentally do not support the idea of not using JSON for this work.
[Med] Are you referring to application encoding or data modelling part?

 Over time we may write a binding document for some other serialization.  But we need something that can be implemented and have guaranteed interoperability.
[Med] Why CBOR wouldn’t be an option here? BTW, there might be other requirements such as compactness (that may be worth when actions are enriched/augmented on-path). As a group, we don’t have yet the full set of requirements to make a design choice.

In order to gain mass adoption, we need a solution that can be used by the existing eco system.

Bret
Sent from my Commodore 128D

v2.23.0 | Report a Bug | By Email