IETF Logo Mail Archive

Re: [mile] Clarifying iodef:SoftwareType (Issue #47)

Sean Turner <turners@ieca.com> Tue, 24 March 2015 23:31 UTC

Return-Path: <turners@ieca.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57B771A0318 for <mile@ietfa.amsl.com>; Tue, 24 Mar 2015 16:31:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.567
X-Spam-Level:
X-Spam-Status: No, score=-1.567 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5oTR8sNv60ej for <mile@ietfa.amsl.com>; Tue, 24 Mar 2015 16:31:19 -0700 (PDT)
Received: from gateway08.websitewelcome.com (gateway08.websitewelcome.com [69.56.142.29]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10F751A00CD for <mile@ietf.org>; Tue, 24 Mar 2015 16:31:19 -0700 (PDT)
Received: by gateway08.websitewelcome.com (Postfix, from userid 5007) id 86B4899BAF319; Tue, 24 Mar 2015 18:31:18 -0500 (CDT)
Received: from gator3286.hostgator.com (gator3286.hostgator.com [198.57.247.250]) by gateway08.websitewelcome.com (Postfix) with ESMTP id 78EA499BAF2FA for <mile@ietf.org>; Tue, 24 Mar 2015 18:31:18 -0500 (CDT)
Received: from [31.133.182.133] (port=52574 helo=dhcp-b685.meeting.ietf.org) by gator3286.hostgator.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.82) (envelope-from <turners@ieca.com>) id 1YaYI0-0003TZ-Sk; Tue, 24 Mar 2015 18:31:16 -0500
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Sean Turner <turners@ieca.com>
In-Reply-To: <359EC4B99E040048A7131E0F4E113AFCD93D2DE8@marathon>
Date: Tue, 24 Mar 2015 18:31:14 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <A7CB3F92-1F1E-4203-A241-88CE84F9F75E@ieca.com>
References: <359EC4B99E040048A7131E0F4E113AFCD93D2DE8@marathon>
To: "Roman D. Danyliw" <rdd@cert.org>
X-Mailer: Apple Mail (2.1878.6)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator3286.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source-IP: 31.133.182.133
X-Exim-ID: 1YaYI0-0003TZ-Sk
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: (dhcp-b685.meeting.ietf.org) [31.133.182.133]:52574
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 1
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IzMjg2Lmhvc3RnYXRvci5jb20=
Archived-At: <http://mailarchive.ietf.org/arch/msg/mile/nbG33RfOd8F7ZoiTbr-uE2DJFg4>
Cc: "mile@ietf.org" <mile@ietf.org>
Subject: Re: [mile] Clarifying iodef:SoftwareType (Issue #47)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Mar 2015 23:31:20 -0000

Roman,

Clarifying questions:
1. Can you get a SWID for free?
2. Is there a mapping between CPE <-> SWID?

spt

On Mar 24, 2015, at 14:55, Roman D. Danyliw <rdd@cert.org> wrote:

> Good afternoon!
> 
> One of the remaining issues with rfc5070bis is to clarify the iodef:SoftwareType.  See Issue #47 [1].  We discussed this impasse in Honolulu [2].
> 
> --[ snip discussion from IETF 91 ]--
> Q1: (Roman Danyliw) Last mailing list discussion on clarifying iodef:Software produced no result.  What does the group want to do?
> A: (David Waltermire) Extensibility is key dimension.  Consider just using swid and reference the ISO standard.  Alternatively, redefine the class to be AdditionalData.
> A: (Adam Monteville) Reiterated the importance of extensibility
> A: Isn't swid support already in the spec?
> A: (Roman Danyliw) There is an attribute named "swid" but this comes from RFC5070 which just happened to use this name without reference to the ISO standard.
> A: (Takeshi Takahashi) IODEF-SCI can embed SWID and CPE as well, but the context is different; it is added under AdditionalData. If we need the data here, we could make a model here like the SCI draft does.
> --[ end snip ]--
> 
> The four options mentioned to date (not just at IETF 91) are:
> 
> (1) Use OVAL [3]
> 
> (2) Use swid referencing ISO/IEC 19770-2:2009 (with XML schema at [4])
> 
> (3) Don't define it and use AdditionalData
> 
> (4) Support mutiple techniques to reference software in the same way  (like IODEF-SCI and ENUM)
> 
> Approach (1) and (2) are require little further explanation.  Hence, let me describe (3) in more detail.
> 
> The thinking would be to create an IANA registry to maintain a list of external references, in this case application reference techniques (e.g., swid and CPE), just like IODEF-SCI and ENUM current do.  The class using this technique might look as follows:
>             +---------------------+
>             | Application         |
>             +---------------------+
>             | ENUM SpecID         |<>--(0..*)-[ SpecData ]
>             | STRING ext-SpecID   |
>             |                     |
>             +---------------------+
> 
> ** SpecID would map to an IANA registry of application reference techniques
> ** ext-SpecID would allow for private enumerated value extensions as currently done in the draft
> ** SpecData would be defined as follows allowing both XML or atomic data types such as a string.
>     <xs:complexType name="AppIdType" mixed="true">  
>      <xs:sequence>
>        <xs:any namespace="##any" processContents="lax"
>                minOccurs="0" maxOccurs="unbounded"/>
>      </xs:sequence>
> 
> In the same way that the general purpose ENUM approach was useful to SACM and MILE, SACM has also expressed interest in a common approach on this class too.
> 
> What does the community feel is the correct approach?
> 
> Roman
> 
> [1] http://trac.tools.ietf.org/wg/mile/trac/ticket/47
> [2] http://www.ietf.org/proceedings/91/minutes/minutes-91-mile
> [3] https://nvd.nist.gov/cpe.cfm
> [4] http://standards.iso.org/iso/19770/-2/2009/schema.xsd
> _______________________________________________
> mile mailing list
> mile@ietf.org
> https://www.ietf.org/mailman/listinfo/mile

v2.23.0 | Report a Bug | By Email