Re: [mile] ROLIE Service and Category Document Location Issue
Adam Montville <adam.w.montville@gmail.com> Tue, 20 December 2016 14:32 UTC
Return-Path: <adam.w.montville@gmail.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77B13129974 for <mile@ietfa.amsl.com>; Tue, 20 Dec 2016 06:32:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DwrR2uvQK3pj for <mile@ietfa.amsl.com>; Tue, 20 Dec 2016 06:32:18 -0800 (PST)
Received: from mail-oi0-x229.google.com (mail-oi0-x229.google.com [IPv6:2607:f8b0:4003:c06::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F112129970 for <mile@ietf.org>; Tue, 20 Dec 2016 06:32:12 -0800 (PST)
Received: by mail-oi0-x229.google.com with SMTP id b126so179391774oia.2 for <mile@ietf.org>; Tue, 20 Dec 2016 06:32:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=nepvbBvs3wV/4aIYorBOjER/fq2x3b+sRFokii8LKCI=; b=H5NLjdlBNPz8yZDCrtmOeqeup5UB4mJIJx9Dsqc4/UgfkYNKnDLiS7O14QDXcz61Nc wISiHLFgkkgcgrXSkEV51SNSEliCWSDmedn9e4O9AArX80pmeBKwVba28tnOlTXfedzk 4VntmIUqg1j/CN3awE82AnM3YSqY3o1/NBdHeTG1tswuwirryDfU36FFeGQoTOkuoysK jD/0NNWqV9947tFYJ55ECEjw/NZBgcMWGd6y1vNHJveBuEE4Ga12bCRKW/K3z+KmSFCD p1PB+zrBlF8R1zU6eJyhf1fZ1WRfQxyaTAE4Nj0OzieXxL57pr2u/XJDaOuiwTy2tunD i6RA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=nepvbBvs3wV/4aIYorBOjER/fq2x3b+sRFokii8LKCI=; b=J5xUrpBAFQNPYK9uvuYvEpkL532tDsdT76BnztvYCqwGStQGoPdAiKlQRJ8D3m6s+i 3wWzzajHfRYA036Bc4cSxjUdDxc65mT2rWqnHeY5jLur8G1hxTNTt+qqUM/tdtX4xU3c 2F9NvNk5DqKo+l1cQ2nzZHiFnKv/nsCeHsz+HjdexpqkS97dnfks77g/uxf05O7cP7OQ UJfDGjcIJtLf+uzYRVlReuY01tbfcpqdLUzGHdrIgYGrfqUQTHEfZZ2bZVl0COFwsEY/ 7FlCOJTJVD0zcm1NvfYjzTFm56xxeQUV6yc1xyIDGGzodau/XKV+37/yq4X1mbIC6oH6 OjcA==
X-Gm-Message-State: AIkVDXLrdjp8XimYlHy6b+gWpuionvE5n93KYCZMHM9Mg+5agxTOq21aQTBRrgpK+rRFFDPRrGB6VT/VzgQSnA==
X-Received: by 10.202.220.139 with SMTP id t133mr12536232oig.82.1482244331685; Tue, 20 Dec 2016 06:32:11 -0800 (PST)
MIME-Version: 1.0
References: <SN1PR09MB0960603877E8415F6A3A8D0AF0840@SN1PR09MB0960.namprd09.prod.outlook.com>
In-Reply-To: <SN1PR09MB0960603877E8415F6A3A8D0AF0840@SN1PR09MB0960.namprd09.prod.outlook.com>
From: Adam Montville <adam.w.montville@gmail.com>
Date: Tue, 20 Dec 2016 14:32:01 +0000
Message-ID: <CACknUNWGtEXhvN1yyFrmP1HaDU_xZK_zMhUEpbonFYzXJWvEKQ@mail.gmail.com>
To: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>, "mile@ietf.org" <mile@ietf.org>, "alexey.melnikov@isode.com" <alexey.melnikov@isode.com>
Content-Type: multipart/alternative; boundary="001a113d5d5cdc4c9a054417e66a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/3o5Rn7TR2bed9sDoJlQ2JECPUbs>
Subject: Re: [mile] ROLIE Service and Category Document Location Issue
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Dec 2016 14:32:25 -0000
Hi Stephen, Sorry for my delayed response. I would like to find a convention/specified way to discover these services. I like A in that respect. Adam On Thu, Dec 8, 2016 at 3:06 PM Banghart, Stephen A. (Fed) < stephen.banghart@nist.gov> wrote: > As requested at the IETF 97 MILE meeting, I’ve put together some Use Case > examples of using service and category documents that highlight the primary > differences between the choices for this issue. Those options are: > > > > *A:* Require that ROLIE repositories place the Service and Category > documents in a pre-determined location based on a standardized URL > template. This location may be a link or redirect to the actual location. > > *B:* ROLIE repositories are not required to place their Service and > Category documents at a pre-determined location. > > > > The use cases below highlight the need for a well-defined location for the > service and category documents to support automated discovery. The use > cases illustrate that option B is not really an option if our goal is to > support automated discovery and use of ROLIE repositories. Feedback on the > approaches described below would be appreciated. If you are not a fan of > using well-defined URL templates, then alternate proposals that support > these automation use cases would also be appreciated. > > Thanks, > > Stephen Banghart > > > > Defined Service Document and Category Document Location Examples > > *Service Document* > > *Use Case: *A ROLIE user agent becomes aware of a host ( > examplesecurityorg.com) that hosts a ROLIE repository. The host is > identified by some means, such as by DNS Service Record lookup. However, as > the agent only knows the server host name, the agent knows neither the > location of the ROLIE feeds nor information about a given feed’s contents. > > *Goal:* In order to locate the feeds, the operator *must* find the Atom > service document located somewhere on the server. > > *With Defined Location*: If the user agent sends a GET request to “ > https://examplesecurityorg.com/rolie/servicedocument > <http://www.examplesecurityorg.com/rolie/servicedocument>”, as this is > the pre-specified location. This is handled on the server as a redirect to > its preferred service document location: “ > https://examplesecurityorg.com/1234/sec/srvdoc > <http://https:/examplesecurityorg.com/1234/sec/srvdoc>”. > > *Without Defined Location*: The agent must manually search the > front-facing section of the site, looking for a stated Atom service > document location. Failing that search, the operator must search website > documentation or contact admins of the site and request the URL. Neither of > these methods support automation and require human interaction. If the URL > can be identified using these manual methods, , the agent can now send a > GET request to “https://examplesecurityorg.com/1234/sec/srvdoc” to > retrieve the service document. > > This use case is best supported if the ROLIE repository contents can be > discovered in an automatable way. A well-defined location for the service > document provides a predictable means for collection discovery as long as > the host name of the ROLIE repository is known. > > *Category Document* > > *Use Case:* A ROLIE user agent wants to programmatically populate a list > that contains all of the categories provided by a ROLIE repository. The > category list will be used to generate search queries tailored to this > repository, as the repository may be using any number of global or local > categories, such as information-type. This ROLIE repository is also > configured to only allow POST requests if they belong to one of the > categories specified in the category document. If the user agent intends to > write to this repository it must locate the category document. > > *Goal: *The tool needs to know the full list of categories supported by > the repository. > > *With Defined Location:* The user agent sends a get request to “ > https://examplesecurityorg.com/rolie/categorydocument > <http://www.examplesecurityorg.com/rolie/categorydocument>”, and parses > it to generate a full list of supported categories. This is handled on the > server as a redirect to its preferred category document location: “ > https://examplesecurityorg.com/1234/sec/catdoc”. > > *Without Defined Location: *If the user agent is only interested in the > currently provided categories, it must parse all feeds provided by the > repository to generate a list. This activity must be repeated on every > connection, incurring a heavy performance and bandwidth cost. > > If the user agent intends to write to the repository, it must manually > search the front-facing section of the site, looking for a stated Atom > category document location. Failing that search, the operator must contact > admins of the site and request the URL. Neither of these methods support > automation and require human interaction. Having completed this task, the > agent can now send a GET request to “ > https://examplesecurityorg.com/1234/sec/catdoc”. > > Having a well-defined location for the category document can simplify and > optimize category information discovery. > > > _______________________________________________ > mile mailing list > mile@ietf.org > https://www.ietf.org/mailman/listinfo/mile >
- [mile] ROLIE Service and Category Document Locati… Banghart, Stephen A. (Fed)
- Re: [mile] ROLIE Service and Category Document Lo… Adam Montville
- Re: [mile] ROLIE Service and Category Document Lo… Panos Kampanakis (pkampana)
- Re: [mile] ROLIE Service and Category Document Lo… Takeshi Takahashi