Re: [Panic] Scope Draft is Available

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Thu, 18 May 2017 14:42 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: panic@ietfa.amsl.com
Delivered-To: panic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A104F129B84 for <panic@ietfa.amsl.com>; Thu, 18 May 2017 07:42:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.522
X-Spam-Level:
X-Spam-Status: No, score=-14.522 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KOL5zNUZPrTJ for <panic@ietfa.amsl.com>; Thu, 18 May 2017 07:42:26 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 642E5129B8C for <Panic@ietf.org>; Thu, 18 May 2017 07:37:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2326; q=dns/txt; s=iport; t=1495118230; x=1496327830; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=tXgL9o3/vBbyhynFpbx12kyYTgtW8x89dsNOY/c97xc=; b=VHnyqkFd11vDikTP7yKGqoMhN/47QHU8eEFDqzc1Y+Bh3ThTSPpZMoaB cu5dS1StkJE2aQnAiNMNOxFilWe6Bb73HtO5WO0Bi3+wMxq3yeO1aaGP/ TAHJ/YdJJWiT9ceePRPmFBRpxWwe0cIKeXNmT7UACwrMfPn+m12GoEsHU s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CaAABFsB1Z/5ldJa1cGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgywpYoEMB41+kWuVdoIPIQuCQoM2AoVvPxgBAgEBAQEBAQFrKIU?= =?us-ascii?q?YAQEBAQMBATg0FwQCAQgRBAEBHwkHJwsUCQgBAQQBEgiITIFPDrEuiwABAQEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEBAQEYBYZfgV6DG4Q0EgGGDgWWdIcfAYcbi3aCDYU8ii6?= =?us-ascii?q?URQEfOH8LcBVGhnZ2hgSBIYENAQEB?=
X-IronPort-AV: E=Sophos;i="5.38,359,1491264000"; d="scan'208";a="236604264"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 May 2017 14:37:09 +0000
Received: from XCH-ALN-007.cisco.com (xch-aln-007.cisco.com [173.36.7.17]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id v4IEb9Rx004309 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 18 May 2017 14:37:09 GMT
Received: from xch-aln-010.cisco.com (173.36.7.20) by XCH-ALN-007.cisco.com (173.36.7.17) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Thu, 18 May 2017 09:37:08 -0500
Received: from xch-aln-010.cisco.com ([173.36.7.20]) by XCH-ALN-010.cisco.com ([173.36.7.20]) with mapi id 15.00.1210.000; Thu, 18 May 2017 09:37:08 -0500
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>, "Panic@ietf.org" <Panic@ietf.org>
Thread-Topic: Scope Draft is Available
Thread-Index: AdLNjFoi4UJSdMycRuOkrf0darmESQBj41Dw
Date: Thu, 18 May 2017 14:37:08 +0000
Message-ID: <2c391fc46bca4900875ee3b0514df42b@XCH-ALN-010.cisco.com>
References: <MWHPR09MB14403A4D4118D9D685B31B8DF0E10@MWHPR09MB1440.namprd09.prod.outlook.com>
In-Reply-To: <MWHPR09MB14403A4D4118D9D685B31B8DF0E10@MWHPR09MB1440.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.116.108.5]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/panic/jGq6e_9WJuDKEORp6qIs0NR1FiA>
Subject: Re: [Panic] Scope Draft is Available
X-BeenThere: panic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Posture Assessment Through Network Information Collection \(panic\)" <panic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/panic>, <mailto:panic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/panic/>
List-Post: <mailto:panic@ietf.org>
List-Help: <mailto:panic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/panic>, <mailto:panic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 May 2017 14:42:28 -0000

Hi David,

The document is clear.

One semantic objection I have is about the use of the word endpoint. I believe the term is commonly used for user machines (laptops, cells, tablets) . Network element or element is a little clearer. 

A susggestion: The security section could mention the importance of not introducing security concerns with the posture info collection. For example a device should not be DoSable by too many polls, or it should not push often enough that would introduce performance concerns etc. 

I think it will also be beneficial to be explicit about the types of network elements. In the broad technologies that exist today, these elements could be hardware, software or virtual (NFV fails in this category). All of those should be in scope for this work.

Side comment: I would like this standardization effort to try to reuse data formats and transports wherever possible and not come up with new posture information descriptions. I think this is a common goal that SACM has as well.

Thanks,
Panos


-----Original Message-----
From: Panic [mailto:panic-bounces@ietf.org] On Behalf Of Waltermire, David A. (Fed)
Sent: Monday, May 15, 2017 11:03 AM
To: Panic@ietf.org
Subject: [Panic] Scope Draft is Available

Welcome to the posture assessment through network information collection (PANIC) email list. At the side meeting on March 29th, we started discussing the problem of how to measure the health of network devices. We discussed the need to collect posture information from network devices to support asset, software, vulnerability, and configuration management use cases. We were asked by the group to share a more detailed description of the intended scope for the PANIC effort. The follow draft is an attempt to do so:

https://datatracker.ietf.org/doc/draft-waltermire-panic-scope/

We would appreciate review of and comments on this draft. At this point, we want to know if the this scope clearly defines the problem to be solved. Please let us know if you have any questions or concerns, or if you think the scope draft is adequate.

Regards,
David Waltermire

_______________________________________________
Panic mailing list
Panic@ietf.org
https://www.ietf.org/mailman/listinfo/panic