Re: [mile] Working group last call for ROLIE
"Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com> Fri, 28 April 2017 17:41 UTC
Return-Path: <ncamwing@cisco.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E91B7129493 for <mile@ietfa.amsl.com>; Fri, 28 Apr 2017 10:41:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k70ZMaTVX-M8 for <mile@ietfa.amsl.com>; Fri, 28 Apr 2017 10:41:32 -0700 (PDT)
Received: from alln-iport-2.cisco.com (alln-iport-2.cisco.com [173.37.142.89]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DEE11293FB for <mile@ietf.org>; Fri, 28 Apr 2017 10:38:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=36124; q=dns/txt; s=iport; t=1493401081; x=1494610681; h=from:to:subject:date:message-id:mime-version; bh=kfi05+LIgZFxz0Yal/BoBCh0v7hXGPU+/jVRSAmlwTo=; b=MWVv6RSjDTM1c/LRRV3MoESJE1LL9IsbqdXIrWQ399oc6vXUxFIs4AGb 2TXW5xviuzv2xtZ26gFqM0Bx0EZHQvzW6PpKdlvMlo9aREeRTDM3UohEh FvMxt3po5N4CPqZ4BIDu98wMDclmUNXKB5QdORPExJSu/SYaRTs04aitG k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AuAQAffQNZ/5xdJa1eGQEBAQEBAQEBAQEBBwEBAQEBgm48K2GBDAeDYYoYkSwhlW2CDyyFeByEHD8YAQIBAQEBAQEBax0LhRUBBh0GCl4BBgIRAQIBAiEKAgQwFwYKBBOKHw6RGY1VkAyCJiuKXAEBAQEBAQEBAQEBAQEBAQEBAQEBARgFhE6DbysLgmSESQI0gmYugjEFnVEBhxqLcwuBd4U3g2WGQIh1izMBHziBCm8VVgGGXXWFMIEvgQ0BAQE
X-IronPort-AV: E=Sophos;i="5.37,388,1488844800"; d="scan'208,217";a="414316540"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by alln-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Apr 2017 17:38:00 +0000
Received: from XCH-RTP-015.cisco.com (xch-rtp-015.cisco.com [64.101.220.155]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id v3SHbxdd025645 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for <mile@ietf.org>; Fri, 28 Apr 2017 17:37:59 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-015.cisco.com (64.101.220.155) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Fri, 28 Apr 2017 13:37:59 -0400
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1210.000; Fri, 28 Apr 2017 13:37:58 -0400
From: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>
To: "mile@ietf.org" <mile@ietf.org>
Thread-Topic: [mile] Working group last call for ROLIE
Thread-Index: AQHSwEYtr6wDNOac8kGdCvFSYYucRw==
Date: Fri, 28 Apr 2017 17:37:58 +0000
Message-ID: <EDAFDAEB-4950-4F04-A0F1-CE7F12582960@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1a.0.160910
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.154.228.194]
Content-Type: multipart/alternative; boundary="_000_EDAFDAEB49504F04A0F1CE7F12582960ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/exxetC1RTbmVktpcE7X6k-meVNA>
Subject: Re: [mile] Working group last call for ROLIE
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Apr 2017 17:41:34 -0000
Hi Steven,
I was able to get thru most of the draft though, I didn’t get to do a thorough review of Section 6 as I wanted to make sure I could get a first pass by today. Here are some comments and questions based on my review of the ROLIE draft:
Section 1:
“Feeds” has had some errata updated in RFC 5988; it would be useful to reference that as well.
What do you mean by: “Through use of granular authentication and access controls,
only authorized consumers may be permitted the ability to read or
write to a given Feed.”
- I believe that the “granular authentication and access controls” is “granular” as the consumer must authenticate directly to the particular HTTP-server hosting the Feed(s), is that correct? Based on the example in Appendix B.1, a Feed maps to the availability of extracting a document (or information) type(s) but only from a particular/known resource (e.g. HTTP server). But then, the consumer has to know all the potential resources to be able to query or “discover” what is available (e.g. Feeds), is that correct?
Given that, I’m not sure the references to “point-to-point” that follow are quite correct….that is, one entity is talking directly to another (e.g. no multicast)
Section 2:
Information Type definition includes: “…that is the subject of a security
process that can be automated”
- Can you clarify what is meant by or describe what processes are automated beyond being able to interpret the data models as defined by the next set of drafts that further instantiate a ROLIE “Information Types”?
Section 4: I agree with Charles’ that there are claims that am not sure apply. The biggest benefit I see is that ROLIE instantiates an open model by which security information can be instantiated and shared. But the transport (HTTPs) use is constrained and so is there a lack of general discovery of the resources available to disseminate security information.
Section 4.1: I can see the ability to proactively share, but do not see it readily using the HTTPs protocol as it is inherently a client-server model. While one can poll or block until a request is fulfilled, I don’t view that as really being a proactive model.
I am likely not interpreting the example correctly as it is somewhat vague. The example seems to indicate a level of indirection or inference that there is some overarching methodology by which a “search” to all available resources or feeds thru representation to include all the appropriate links to the resources?
Section 4.2: Is the intent of this section to highlight availability of different types of information that can be correlated (or aggregated)? As implied in the 1st paragraph or is it about the need to Federate information mentioned in the last paragraph?
[nit] The middle paragraph should use either “management system” or “monitoring system”.
Section 4.3: I perceive the intent of this section is to highlight that the architecture enables a producer to disclose information to consumers and potentially “filter” either based on the access control/authorization of the information elements or the particular consumer (or both). Similarly, a consumer can choose which Feeds to tap into.
That is independent of how the data is stored (e.g. data repository). My suggestion is to use the notion of “discovering available information” (or information types) vs. “repositories”.
Section 5.1.1: “repository” is really the “collection of security information” and suggest that the term not be used in this context as “repository” has storage implications and considerations which imho are more to an implementation detail. I believe ROLIE is defining the data organization for carrying security info.
- The first bullet, if it is private, why disclose it at all? If the intent is to enable disclosure of some information to authorized parties or based on access controls, then it is really not private. So, I am not sure why this is needed?
ۍ The second bullet makes sense, but then is this a recommendation that drafts providing “Information Types” MUST provide these conventions?
Section 5.3: Given that TLS just published version 1.3, I am not sure that a MUST to “most recent” is warranted as new versions will be forthcoming and will break this requirement to implementations that may take time to update to “most recent”. This is a SHOULD, but can mandate minimum version (e.g. 1.2 or 1.3 for now?)
- Shouldn’t ROLIE enforce a MUST on mutual authentication? Suggest rewording to one sentence if intent is to “MUST mutually authenticate using x.509 certificates”
- If the intent is a MUST to use certs, could that be prohibitive as now certificate management could be a barrier for adoption?
- What if OCSP is used? Is that not allowed given that RFC5280 is
Section 5.4: Is there a distinction between a (human) user vs. an application wanting to authenticate to a server?
Section 9:
There should be considerations for the Service Discovery as well.
There should be considerations for the confidentiality and integrity of the information as the data is in motion (no need for storage considerations).
Given that Section 5.3 has a MUST for certificates, I am not connecting the notion of the federation tie? This paragraph should be placed in its own section but the Security considerations should discuss the security implications of enabling the federation.
General: given the nature of sharing information, there should be a section that speaks to the Privacy considerations for both the act of sharing information as well as the discovery mechanism.
Overall I think the draft reads well and is close to shepherding thru ☺
Regards, Nancy
From: mile <mile-bounces@ietf.org> on behalf of "ncamwing@cisco.com" <ncamwing@cisco.com>
Date: Tuesday, March 28, 2017 at 4:27 PM
To: "mile@ietf.org" <mile@ietf.org>
Subject: [mile] Working group last call for ROLIE
Colleagues,
Given the significant changes made to the last draft, we are doing another 30day WGLC for
https://tools.ietf.org/html/draft-ietf-mile-rolie-06
Please provide comments before May 1st and provide your support and/ or raise any issue you feel are yet to be addressed.
Regards, Nancy
- Re: [mile] Working group last call for ROLIE Adam Montville
- Re: [mile] Working group last call for ROLIE Banghart, Stephen A. (Fed)
- Re: [mile] Working group last call for ROLIE Adam Montville
- Re: [mile] Working group last call for ROLIE Banghart, Stephen A. (Fed)
- Re: [mile] Working group last call for ROLIE John Field
- Re: [mile] Working group last call for ROLIE Adam Montville
- Re: [mile] Working group last call for ROLIE Banghart, Stephen A. (Fed)
- Re: [mile] Working group last call for ROLIE Schmidt, Charles M.
- Re: [mile] Working group last call for ROLIE Schmidt, Charles M.
- Re: [mile] Working group last call for ROLIE Nancy Cam-Winget (ncamwing)
- Re: [mile] Working group last call for ROLIE Waltermire, David A. (Fed)
- Re: [mile] Working group last call for ROLIE Waltermire, David A. (Fed)
- Re: [mile] Working group last call for ROLIE Nancy Cam-Winget (ncamwing)
- Re: [mile] Working group last call for ROLIE Kathleen Moriarty
- Re: [mile] Working group last call for ROLIE Nancy Cam-Winget (ncamwing)
- [mile] Working group last call for ROLIE Nancy Cam-Winget (ncamwing)
- Re: [mile] Working group last call for ROLIE Nancy Cam-Winget (ncamwing)
- Re: [mile] Working group last call for ROLIE Panos Kampanakis (pkampana)
- Re: [mile] Working group last call for ROLIE Banghart, Stephen A. (Fed)
- Re: [mile] Working group last call for ROLIE Nancy Cam-Winget (ncamwing)