Re: [Panic] Scope Draft is Available

"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Thu, 18 May 2017 15:06 UTC

Return-Path: <david.waltermire@nist.gov>
X-Original-To: panic@ietfa.amsl.com
Delivered-To: panic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93AA912EB52 for <panic@ietfa.amsl.com>; Thu, 18 May 2017 08:06:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nT8Q-DRpkjgO for <panic@ietfa.amsl.com>; Thu, 18 May 2017 08:06:29 -0700 (PDT)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0126.outbound.protection.outlook.com [23.103.201.126]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4284D129B46 for <Panic@ietf.org>; Thu, 18 May 2017 07:59:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=9uCQOgI7i+NRvA8tPqvKP43UOqNll+6p/bjEFKunuwE=; b=SIAOy24rTDre8s8cIyT850pDk+Il25lcjhx+NLHucZPcZNl/g/HJPqP1MmVz/UnVlm24Grq8wcls05epb4uQZniQF1tj2rZlZxX9CiYW6MO1ulSOvKWy1LvIZUkmV3Hndwtud2VEq9k6hKItnp8ie3TqYS5g5a+8sJ4ij/xkO+c=
Received: from MWHPR09MB1440.namprd09.prod.outlook.com (10.173.50.14) by MWHPR09MB1439.namprd09.prod.outlook.com (10.173.50.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1101.14; Thu, 18 May 2017 14:59:24 +0000
Received: from MWHPR09MB1440.namprd09.prod.outlook.com ([10.173.50.14]) by MWHPR09MB1440.namprd09.prod.outlook.com ([10.173.50.14]) with mapi id 15.01.1101.019; Thu, 18 May 2017 14:59:24 +0000
From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, "Panic@ietf.org" <Panic@ietf.org>
Thread-Topic: Scope Draft is Available
Thread-Index: AdLNjFoi4UJSdMycRuOkrf0darmESQBj41DwADKpxpA=
Date: Thu, 18 May 2017 14:59:24 +0000
Message-ID: <MWHPR09MB14404051B8C07A6F1205B7B2F0E40@MWHPR09MB1440.namprd09.prod.outlook.com>
References: <MWHPR09MB14403A4D4118D9D685B31B8DF0E10@MWHPR09MB1440.namprd09.prod.outlook.com> <2c391fc46bca4900875ee3b0514df42b@XCH-ALN-010.cisco.com>
In-Reply-To: <2c391fc46bca4900875ee3b0514df42b@XCH-ALN-010.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=nist.gov;
x-originating-ip: [129.6.220.59]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR09MB1439; 7:cJH2PPBkCpTnqeti9QcGsiVHYLR15y8+rRNr2kjmR2Igdl4ki4a/JhJoLBVu5Gq8bzYFQPBDj0H3jtmrcNerZ18al4LE06/xYHdlmoaw2ATPOyLxfgAAtp8IFxxWmQ7sXqHRADLL6co2eAOVywvsFp8ki/UdVc27alZeyAV9U02EVxHTScTAKDdLaQKMSXMU7wIyjL9e1tS9q8wgeb/lN31ZmzDkPRzj+M30lK8hY8JUl1rcHUd3Aoocb4e4xjBUTpGR1JMHrCn38vQHaHtkkfne3hMJd9lwlFnusORL9X7xkjTIaQ+7y/b3I3Vg1FSKY96FB5TbjKdcnXWolLN3Bg==
x-ms-traffictypediagnostic: MWHPR09MB1439:
x-ms-office365-filtering-correlation-id: d1ef26e5-29ce-41ae-acb0-08d49dfe7910
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(48565401081)(201703131423075)(201703031133081)(201702281549075); SRVR:MWHPR09MB1439;
x-microsoft-antispam-prvs: <MWHPR09MB1439A0431700F0E612B88A15F0E40@MWHPR09MB1439.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(65766998875637)(120809045254105)(192374486261705)(131327999870524)(95692535739014);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(10201501046)(6055026)(6041248)(20161123564025)(20161123562025)(20161123558100)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(6072148); SRVR:MWHPR09MB1439; BCL:0; PCL:0; RULEID:; SRVR:MWHPR09MB1439;
x-forefront-prvs: 0311124FA9
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(39410400002)(39450400003)(39860400002)(39840400002)(39850400002)(39400400002)(13464003)(377454003)(966005)(9686003)(55016002)(99286003)(66066001)(6506006)(189998001)(76176999)(6436002)(6306002)(54356999)(25786009)(53546009)(77096006)(7696004)(50986999)(2950100002)(229853002)(38730400002)(3480700004)(6246003)(53936002)(8676002)(74316002)(8936002)(7736002)(5660300001)(305945005)(478600001)(2501003)(3846002)(6116002)(102836003)(2906002)(345774005)(81166006)(3280700002)(33656002)(3660700001)(86362001)(122556002)(2900100001); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR09MB1439; H:MWHPR09MB1440.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 May 2017 14:59:24.2270 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR09MB1439
Archived-At: <https://mailarchive.ietf.org/arch/msg/panic/j2PFZiOioPnAJXSSWznN-I9IKhA>
Subject: Re: [Panic] Scope Draft is Available
X-BeenThere: panic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Posture Assessment Through Network Information Collection \(panic\)" <panic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/panic>, <mailto:panic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/panic/>
List-Post: <mailto:panic@ietf.org>
List-Help: <mailto:panic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/panic>, <mailto:panic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 May 2017 15:06:32 -0000

Panos,

Thank you for providing feedback on the PANIC scope draft.

Comments are inline below.

> -----Original Message-----
> From: Panos Kampanakis (pkampana) [mailto:pkampana@cisco.com]
> Sent: Thursday, May 18, 2017 10:37 AM
> To: Waltermire, David A. (Fed) <david.waltermire@nist.gov>;; Panic@ietf.org
> Subject: RE: Scope Draft is Available
> 
> Hi David,
> 
> The document is clear.
> 
> One semantic objection I have is about the use of the word endpoint. I
> believe the term is commonly used for user machines (laptops, cells, tablets)
> . Network element or element is a little clearer.

I don't have a dog in this fight. I am happy to go either way (e.g., endpoint, network element) if there is a preference in the group for one term or the other. I'd like to hear other opinions on this.

> A susggestion: The security section could mention the importance of not
> introducing security concerns with the posture info collection. For example a
> device should not be DoSable by too many polls, or it should not push often
> enough that would introduce performance concerns etc.

I think this is a good idea. Do you have some text in mind to drop in?

> I think it will also be beneficial to be explicit about the types of network
> elements. In the broad technologies that exist today, these elements could
> be hardware, software or virtual (NFV fails in this category). All of those
> should be in scope for this work.

All of these are in scope in my view.

> Side comment: I would like this standardization effort to try to reuse data
> formats and transports wherever possible and not come up with new
> posture information descriptions. I think this is a common goal that SACM has
> as well.

I share this goal as well. Should we document this in the draft?

> Thanks,
> Panos

Regards,
Dave

> -----Original Message-----
> From: Panic [mailto:panic-bounces@ietf.org] On Behalf Of Waltermire, David
> A. (Fed)
> Sent: Monday, May 15, 2017 11:03 AM
> To: Panic@ietf.org
> Subject: [Panic] Scope Draft is Available
> 
> Welcome to the posture assessment through network information collection
> (PANIC) email list. At the side meeting on March 29th, we started discussing
> the problem of how to measure the health of network devices. We
> discussed the need to collect posture information from network devices to
> support asset, software, vulnerability, and configuration management use
> cases. We were asked by the group to share a more detailed description of
> the intended scope for the PANIC effort. The follow draft is an attempt to do
> so:
> 
> https://datatracker.ietf.org/doc/draft-waltermire-panic-scope/
> 
> We would appreciate review of and comments on this draft. At this point, we
> want to know if the this scope clearly defines the problem to be solved.
> Please let us know if you have any questions or concerns, or if you think the
> scope draft is adequate.
> 
> Regards,
> David Waltermire
> 
> _______________________________________________
> Panic mailing list
> Panic@ietf.org
> https://www.ietf.org/mailman/listinfo/panic