Re: [Panic] Scope Draft is Available

Robert Moskowitz <> Fri, 16 June 2017 18:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1F01B1300E8 for <>; Fri, 16 Jun 2017 11:46:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.202
X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8jbs2ZjSYesI for <>; Fri, 16 Jun 2017 11:46:32 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A04171315FC for <>; Fri, 16 Jun 2017 11:46:26 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 86FC562429; Fri, 16 Jun 2017 14:46:24 -0400 (EDT)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with LMTP id sBwS3q4rlYfX; Fri, 16 Jun 2017 14:46:17 -0400 (EDT)
Received: from (unknown []) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 705646240F; Fri, 16 Jun 2017 14:46:16 -0400 (EDT)
To: "Waltermire, David A. (Fed)" <>, "" <>
References: <>
From: Robert Moskowitz <>
Message-ID: <>
Date: Fri, 16 Jun 2017 14:46:12 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <>
Subject: Re: [Panic] Scope Draft is Available
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Posture Assessment Through Network Information Collection \(panic\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 16 Jun 2017 18:46:36 -0000

The draft is very confusing.  We already have NETCONF/RESTCONF. What 
does PANIC provide that these do not?

I am ASSuMEing that there is a need of more than the NETCONF/RESTCONF 
data model and protocol(s).  This needs to be spelled out.

Is PANIC in competition with NETCONF/RESTCONF?
Is PANIC totally orthogonal to NETCONF/RESTCONF?

It seems that the meeting we had in Chicago pointed that it woud deal 
with data not included in the NETCONF/RESTCONF data model.  It would 
have specific security posture implecations whereas NETCONF/RESTCONF is 
more focused on the running of infrastructure gear.

Can we get this into the draft before Prague?


On 05/15/2017 11:03 AM, Waltermire, David A. (Fed) wrote:
> Welcome to the posture assessment through network information collection (PANIC) email list. At the side meeting on March 29th, we started discussing the problem of how to measure the health of network devices. We discussed the need to collect posture information from network devices to support asset, software, vulnerability, and configuration management use cases. We were asked by the group to share a more detailed description of the intended scope for the PANIC effort. The follow draft is an attempt to do so:
> We would appreciate review of and comments on this draft. At this point, we want to know if the this scope clearly defines the problem to be solved. Please let us know if you have any questions or concerns, or if you think the scope draft is adequate.
> Regards,
> David Waltermire
> _______________________________________________
> Panic mailing list