IETF Logo Mail Archive

Re: [mile] [sacm] Fwd: New Version Notification for draft-mandm-sacm-rolie-configuration-checklist-00.txt

Adam Montville <adam.w.montville@gmail.com> Wed, 28 June 2017 19:43 UTC

Return-Path: <adam.w.montville@gmail.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E675012EAC2 for <mile@ietfa.amsl.com>; Wed, 28 Jun 2017 12:43:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MrDqxX6sqAiF for <mile@ietfa.amsl.com>; Wed, 28 Jun 2017 12:43:51 -0700 (PDT)
Received: from mail-io0-x22b.google.com (mail-io0-x22b.google.com [IPv6:2607:f8b0:4001:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F547126DC2 for <mile@ietf.org>; Wed, 28 Jun 2017 12:43:51 -0700 (PDT)
Received: by mail-io0-x22b.google.com with SMTP id r36so41869663ioi.1 for <mile@ietf.org>; Wed, 28 Jun 2017 12:43:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=UaVkYJo4G6WTnMJVYWlgyiRats8SLylBOq8YLnae9qY=; b=kacHZ5bJrWSZPEF5gxN/s/2t2qeBvbjqWzyoJ7itWNE4J++rekBY9XESETe93JLtvr gDHQJh70vNFE/bpxnAP/enht2uRvjzMIefLEYc0H5QoauwiL3j17NUM+Z1jYNbqrttuZ FHA8HYbAqy2MMGC28/foVFUhuJTYMEdFR4l3pIl7OHcj4AJ534zndI40BqDbkUBIgl0z gxyD5POE1pO9CpSXu8wkvvoCx5Y8bARLlfEIFgfC8WHdx61yCQK+12b7RXZr/bFeyhyM EzIbsr1ESBUg4KgI9I7S9JQt+zMtuxQsLWo52Z0h/C9/5ZmEi5FPhq0Y3ZJoHt4IdyZI jMZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UaVkYJo4G6WTnMJVYWlgyiRats8SLylBOq8YLnae9qY=; b=mpW+fFSJ5xr0pcAMKSkz7cpcZEp9cTtaHcHFaJT9NFPLYSfFQnC8QIAM7dNS978U7S Dz7brBYIhE24dqOmLTPfQt6tba7TUQbQRIdWO9ctKp2UcD/wTwTCftz9y971xOlVuZCe eCMJjs6+QIp3VBI6czmQG70gzy4rp/geK/+43E4QMp0rxfsTSeWvmRPLcQrEyBBsHWUZ 7YZKRKsxGqv2AjbAkBWkqqqbQOShEX7E3QwWmfGCNn0UmDrcq/HpT+3QmphOf+GGlqzf PGIqc6D8raPwUQ+W7TTje2Sy+s4Wvrb2WDARn6rh/V+k8VjzFUoRa34ctgb/E9yzij8w BpFA==
X-Gm-Message-State: AKS2vOygg/nIC7OWZtiN1KEzR7ipRAp6fQzeIDEKVI5cCFEVC/7q32Ye Vaio8RPzxTdSk69NEMTyvz+J9epC/xT+
X-Received: by 10.107.188.3 with SMTP id m3mr13669650iof.113.1498679030633; Wed, 28 Jun 2017 12:43:50 -0700 (PDT)
MIME-Version: 1.0
References: <149762565589.572.11869428600141425823.idtracker@ietfa.amsl.com> <CACknUNVyMWSmF=gpjwEsyPdyTtNBmJnRfSLMmMGAgMc4=8Dg_A@mail.gmail.com> <DM5PR09MB1307894D9221B0497441BF96F0DD0@DM5PR09MB1307.namprd09.prod.outlook.com>
In-Reply-To: <DM5PR09MB1307894D9221B0497441BF96F0DD0@DM5PR09MB1307.namprd09.prod.outlook.com>
From: Adam Montville <adam.w.montville@gmail.com>
Date: Wed, 28 Jun 2017 19:43:39 +0000
Message-ID: <CACknUNXjLnSpwbpRXyeX_4ZOXPqn9gTHkFEpBZiqT2HwBBf-CA@mail.gmail.com>
To: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>, "mile@ietf.org" <mile@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0763d840fd5905530a6732"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/GUG0P-xscU4kDmxAak435_YseJU>
Subject: Re: [mile] [sacm] Fwd: New Version Notification for draft-mandm-sacm-rolie-configuration-checklist-00.txt
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Jun 2017 19:43:55 -0000

Thanks, Stephen.

With respect to producing a standard template for ROLIE extensions, I think
that could be useful, either as a separate draft or, perhaps, as an
appendix in ROLIE proper.

We'll get to your other comments as soon as possible.

Kind regards,

Adam

On Wed, Jun 28, 2017 at 11:00 AM Banghart, Stephen A. (Fed) <
stephen.banghart@nist.gov> wrote:

> All,
>
>
>
> I finished my review of this document and had some personal feedback/would
> like to start some discussion. I’d also like to pose a question to the
> group/authors: would it be valuable to produce a standard template for
> ROLIE Extensions? We could create a template that would enumerate the
> required and optional sections, and discuss the intended content of each
> section. If this would provide value to anyone I’d be willing to put it
> together.
>
>
>
> *Introduction:*
>
>
>
> How would ROLIE fit into the checklist ecosystem you describe here? I
> understood your explanation of how these checklists may be used in general,
> but not how they may be used/published/downloaded from a ROLIE repository.
>
>
>
> *New information-types*
>
>
>
> I had a hard time trying to pin down what exactly would fall under the
> “configuration-checklist” information type given the description here. I
> think the list of configuration checklist components threw me off. For
> example: ‘ A “Value” ’. What is the definition of value here? Is a
> standalone “Value” a valid configuration-checklist information type? Some
> of these things seem like valid checklist content, like rules and profiles,
> but I didn’t see where the rest fit the definition given at the head of the
> section.
>
>
>
> In ROLIE SWD and ROLIE CSIRT, we provide a list of example information
> that could be, if placed into <content> by themselves, classified as the
> information type in question, rather than the components that make up that
> information type. That approach may make it easier for me to understand the
> configuration checklist information type at a higher level.
>
>
>
> *Usage of Configuration Checklist Information in the Atom Publishing*
>
> *    Protocol*
>
>
>
> The first paragraph talks about “these requirements” but no requirements
> are listed in this section. I may have misunderstood the XML snippet at the
> bottom of this section, however.
>
>
>
> *The 'atom:content' Element*
>
>
>
> The serialization type is provided as a MIME type in the content element,
> so it doesn’t need to be declared in the specification. If a serialization
> has some bearing on other requirements, the MIME type should probably be
> referenced so that your requirement is machine enforceable.
>
>
>
> *The 'rolie:format' Element’*
>
>
>
> The format element describes the data model in use, not the serialization.
> If I understand correctly (I may not), at it stands today the relevant data
> model for this information-type is XCCDF and maybe OVAL, which could be
> serialized in XML, JSON, and if you’re really creative, even Excel, Word,
> and PDF. Discussing these data models would probably help me pin down what
> the configuration checklist information type entails as well.
>
>
>
> *Configuration checklist metadata included in the 'rolie:property'*
>
> *      Element*
>
>
>
> So after looking through these we’ve realized that some of them would be
> valuable to include in the ROLIE core specification. I’ve sent an email to
> the MILE list to request the addition of “content-version”, “content-id”,
> and “content-published-date”. These would replace your “checklist version”,
> ”title”, and “publication date” properties, respectively. We also already
> have a “content-author” property, so you needn’t register “author”.
>
>
>
> For the rest of the properties, I would note that property names can’t
> have spaces in them, as they form a URN (e.g.
> urn:ietf:params:rolie:property:content-author-name).
>
>
>
> Is the product category property intended for human or machine
> consumption? A non-standardized open world plain text description seems
> dangerously vague for machine consumption. If this is something that is
> important to this extension, a new IANA table where each of these
> categories are enumerated and described would be a good solution.
>
>
>
> Depending on how these product categories are used, also consider
> registering them as categories instead of properties. I’m not sure if these
> values are more commonly used as organizing buckets or just as additional
> identifying information.
>
>
>
> *Atom:link Registrations*
>
>
>
> You can have 0..n of any given link element.
>
>
>
> These registrations would take place at
> https://www.iana.org/assignments/link-relations/link-relations.xhtml,
> which is designed to hold general purpose link relations. As described in
> the ROLIE core link extension point section, domain specific link relations
> shouldn’t be registered to this table.
>
>
>
> It would be helpful for me if you explicitly defined what you mean by
> “conformance”. Is this implementation or usage conformance?
>
>
>
> *IANA Considerations*
>
>
>
> I’m unclear on what the “New IANA table for "ROLIE Entry Format"” block of
> text is meant to be. Is this a new table registration? ROLIE core doesn’t
> establish a table for registering formats. CVRF and CVE are probably not
> relevant formats for configuration checklists regardless right? I would
> imagine those are formats used to describe some future “vulnerability”
> information type.
>
>
>
> The reference field of the information type registration should contain a
> reference to “this document”, to satisfy the registration requirement. The
> registrations for links, properties, and categories will have to be listed
> here at some point as well.
>
>
>
> Thanks,
>
> Stephen Banghart
>
>
>
> *From:* sacm [mailto:sacm-bounces@ietf.org] *On Behalf Of *Adam Montville
> *Sent:* Friday, June 16, 2017 11:20 AM
> *To:* sacm@ietf.org
> *Subject:* [sacm] Fwd: New Version Notification for
> draft-mandm-sacm-rolie-configuration-checklist-00.txt
>
>
>
> Not necessarily for immediate review, but we've submitted a ROLIE
> extension for configuration checklists. This is intended to get the
> conversation started at some point.
>
> ---------- Forwarded message ---------
> From: <internet-drafts@ietf.org>
> Date: Fri, Jun 16, 2017 at 10:07 AM
> Subject: New Version Notification for
> draft-mandm-sacm-rolie-configuration-checklist-00.txt
> To: Bill Munyan <bill.munyan.ietf@gmail.com>, Adam Montville <
> adam.w.montville@gmail.com>
>
>
>
>
> A new version of I-D, draft-mandm-sacm-rolie-configuration-checklist-00.txt
> has been successfully submitted by Adam Montville and posted to the
> IETF repository.
>
> Name:           draft-mandm-sacm-rolie-configuration-checklist
> Revision:       00
> Title:          Definition of the ROLIE configuration checklist Extension
> Document date:  2017-06-16
> Group:          Individual Submission
> Pages:          10
> URL:
> https://www.ietf.org/internet-drafts/draft-mandm-sacm-rolie-configuration-checklist-00.txt
> Status:
> https://datatracker.ietf.org/doc/draft-mandm-sacm-rolie-configuration-checklist/
> Htmlized:
> https://tools.ietf.org/html/draft-mandm-sacm-rolie-configuration-checklist-00
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-mandm-sacm-rolie-configuration-checklist-00
>
>
> Abstract:
>    This document extends the Resource-Oriented Lightweight Information
>    Exchange (ROLIE) core by defining a new information-type to ROLIE's
>    atom:category pertaining to security configuration checklists.
>    Additional supporting requirements are also defined which describe
>    the use of specific formats and link relations pertaining to the new
>    information-type.
>
>
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>

v2.23.0 | Report a Bug | By Email