Document Action: 'Endpoint Security Posture Assessment - Enterprise Use Cases' to Informational RFC (draft-ietf-sacm-use-cases-10.txt)

The IESG <iesg-secretary@ietf.org> Thu, 02 July 2015 16:06 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B856A1AC439; Thu, 2 Jul 2015 09:06:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 75NlBahqXsBv; Thu, 2 Jul 2015 09:06:39 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C66F1AC43B; Thu, 2 Jul 2015 09:06:36 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Subject: Document Action: 'Endpoint Security Posture Assessment - Enterprise Use Cases' to Informational RFC (draft-ietf-sacm-use-cases-10.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.0.4.p1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150702160636.22431.50044.idtracker@ietfa.amsl.com>
Date: Thu, 02 Jul 2015 09:06:36 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/hpO-89swZZMj7kuUK3ZjfBBufG4>
Cc: sacm mailing list <sacm@ietf.org>, sacm chair <sacm-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jul 2015 16:06:40 -0000

The IESG has approved the following document:
- 'Endpoint Security Posture Assessment - Enterprise Use Cases'
  (draft-ietf-sacm-use-cases-10.txt) as Informational RFC

This document is the product of the Security Automation and Continuous
Monitoring Working Group.

The IESG contact persons are Stephen Farrell and Kathleen Moriarty.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-sacm-use-cases/





Technical Summary

  This memo documents a sampling of use cases for securely aggregating
  configuration and operational data and evaluating that data to
  determine an organization's security posture.  From these operational
  use cases, we can derive common functional capabilities and
  requirements to guide development of vendor-neutral, interoperable
  standards for aggregating and evaluating data relevant to security
  posture.

Working Group Summary

  The working group paid a lot of attention to this document because it 
  was considered as important for the definition of the scope, requirements
  and solution architecture for SACM. It was reviewed carefully and discussed
  in details in meetings and on the mail list by a large number of participants. 
  The resulting work reflects a solid consensus.  

Document Quality

  The draft describes use cases and is informational, so it has not been 
  implemented, but does demonstrate consensus of the working group
  of which, many have plans to implement.

  There is a sound interest in SACM, and this is the first WG document. The reviews
  and discussions were solid and in depth. Using some kind of formal language
  was considered but eventually the WG had strong consensus for the current
  (plain English) ways of expressing the use cases. Subsequent drafts in SACM 
  reference this use case draft, including the requirements and architecture drafts.



Personnel

  Dan Romascanu is the document shepherd. 
  Kathleen Moriarty is the responsible AD.