Re: [sacm] Genart telechat review of draft-ietf-sacm-nea-swima-patnc-02
"Schmidt, Charles M." <cmschmidt@mitre.org> Thu, 22 February 2018 13:56 UTC
Return-Path: <cmschmidt@mitre.org>
X-Original-To: expand-draft-ietf-sacm-nea-swima-patnc.all@virtual.ietf.org
Delivered-To: sacm@ietfa.amsl.com
Received: by ietfa.amsl.com (Postfix, from userid 65534) id 5B8E712706D; Thu, 22 Feb 2018 05:56:34 -0800 (PST)
X-Original-To: xfilter-draft-ietf-sacm-nea-swima-patnc.all@ietfa.amsl.com
Delivered-To: xfilter-draft-ietf-sacm-nea-swima-patnc.all@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13999127201 for <xfilter-draft-ietf-sacm-nea-swima-patnc.all@ietfa.amsl.com>; Thu, 22 Feb 2018 05:56:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mitre.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 57Guk9MLmwkW for <xfilter-draft-ietf-sacm-nea-swima-patnc.all@ietfa.amsl.com>; Thu, 22 Feb 2018 05:56:30 -0800 (PST)
Received: from smtpvmsrv1.mitre.org (smtpvmsrv1.mitre.org [192.52.194.136]) by ietfa.amsl.com (Postfix) with ESMTP id EC14112706D for <draft-ietf-sacm-nea-swima-patnc.all@ietf.org>; Thu, 22 Feb 2018 05:56:29 -0800 (PST)
Received: from smtpvmsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 151406C00DF; Thu, 22 Feb 2018 08:56:29 -0500 (EST)
Received: from imshyb02.MITRE.ORG (unknown [129.83.29.3]) by smtpvmsrv1.mitre.org (Postfix) with ESMTP id 0222D6C0013; Thu, 22 Feb 2018 08:56:29 -0500 (EST)
Received: from imshyb01.MITRE.ORG (129.83.29.2) by imshyb02.MITRE.ORG (129.83.29.3) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Thu, 22 Feb 2018 08:56:28 -0500
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (10.140.19.249) by imshyb01.MITRE.ORG (129.83.29.2) with Microsoft SMTP Server (TLS) id 15.0.1263.5 via Frontend Transport; Thu, 22 Feb 2018 08:56:28 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.onmicrosoft.com; s=selector1-mitre-org; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=5IW3HB7lC6NPbckOSJ31pXJadGWvBB9eVE3Yfs/T7fk=; b=NwXTlDtMhGEr4bnboGTc5HergJB3mjXnDaTqruKao7/RFaMrGguzAVOvwTA7FHn5B4KxhbtZ/SzlETk7C9rIOR8UrClKLMt4BkzHZ97s0NNEHVwj80AFtzUuyeGPRZd6FhfVVrZtt56A8Tw6gw+yywk7POCLSVJm7V4oNRHzeA0=
Received: from DM5PR0901MB2375.namprd09.prod.outlook.com (52.132.133.18) by DM5PR0901MB2374.namprd09.prod.outlook.com (52.132.133.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.506.18; Thu, 22 Feb 2018 13:56:26 +0000
Received: from DM5PR0901MB2375.namprd09.prod.outlook.com ([fe80::21b9:ccf6:187e:85e1]) by DM5PR0901MB2375.namprd09.prod.outlook.com ([fe80::21b9:ccf6:187e:85e1%13]) with mapi id 15.20.0506.023; Thu, 22 Feb 2018 13:56:26 +0000
From: "Schmidt, Charles M." <cmschmidt@mitre.org>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Dan Romascanu <dromasca@gmail.com>
CC: "draft-ietf-sacm-nea-swima-patnc.all@ietf.org" <draft-ietf-sacm-nea-swima-patnc.all@ietf.org>
Thread-Topic: Genart telechat review of draft-ietf-sacm-nea-swima-patnc-02
Thread-Index: AQHTq7gO3LL+labJEUKUPRVdpJtd1qOwXQIAgAATRFA=
Date: Thu, 22 Feb 2018 13:56:26 +0000
Message-ID: <DM5PR0901MB2375AE24BDE5021F086DF749ABCD0@DM5PR0901MB2375.namprd09.prod.outlook.com>
References: <151898069815.27864.8612208400996416492@ietfa.amsl.com> <DM5PR0901MB237578DCF3767768F610B046ABCE0@DM5PR0901MB2375.namprd09.prod.outlook.com> <CAFgnS4Xh-93ANP++N7k=R3Go4ZpfLCwmYH17oddGuLGCXoevsg@mail.gmail.com> <DM5PR0901MB2375FAE7907718165988294AABCE0@DM5PR0901MB2375.namprd09.prod.outlook.com> <CAFgnS4XkvzNGSKGH1aqOtoW1af0uv8uwHOx9+71=uxsCbuSrpg@mail.gmail.com> <589EEE61-C41B-448F-8CB0-DA0A487C74C7@gmail.com>
In-Reply-To: <589EEE61-C41B-448F-8CB0-DA0A487C74C7@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=cmschmidt@mitre.org;
x-originating-ip: [192.160.51.86]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR0901MB2374; 6:DooSg+D4GEZj7YYmf2VT99imjcPuRC1BWlu7gZ6/kCeRMuI2vYr+sh0A0gyDx846M1aVv0GuWAKLeLFIfjubK7bq7FiTnpduaugNABwreapPTTRz6hUuKrtgLAIrWSylay73bCWHOgV44u+hmzV4EYvQob3PEReC2I4L2QxQWU2RpbkhSN7SdptD2w1QBYfqTA/ot5eG41b4CN3CUCgJXGE5zrlfA6i05FfkWegc36Gd7ewftfmNn4vMHuxOKrnLpl8YorqqRrLhOA8JgBj5UwV8SCUi7Y41+kiSbTpAgNhgqk8MNdqm76804rITbnDng77N2AOgxNJRntrcytRbIyJsiRysnPn0FtKvZnM3TZvJ7PxjlRltSv0OK7A89Uk9; 5:PN5034z6JsJpck2nSh4rHr2qkGsmnQr2eP1HsnARAv1KFZejEciKtvjlrBdRxrVStACshCg3nnNajTR+c21GLQP5FPZoBdvEB8VAEItjMg5VdstTph36zlcYm+g/1uuhxRS01iT88i/p7q/hCHU4e41+rRuiSafpu8SXrjYF8gQ=; 24:xns+sYKDela+nWJGVysoAyLhjcOWuCB3s23PFC6ouYRYioVlrIWcF4Jl9byqU4+9/pL7OG7avUzGm3MWugvLc0Nz3SKBVwiB3APqX8MBYeI=; 7:zLgn4dIjSpAt6ULTiHrzvrJ/zyAazPJwMpLA9revnLYSMzuQ7K1gSNeMZxz+wEaugXMQDAEUz6lwGawd7CKI5iMlERT88OOImZZHYQuiYINUUgN27dCinQVT15XTEiLKt+Lnv2fSDdTdZKltRUwNDxK7bQweovhryVT2BFxJRO3HwoswxHfmDjg/OgXq7ysJ6gc35o/rtIa58XFwhBIucfMnAv5yxmAPgPo5Wltbm6OMM4Wfi5hwhXbqAmpl6znt
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 4fbb7828-a7f0-4413-999f-08d579fc1117
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7153060)(7193020); SRVR:DM5PR0901MB2374;
x-ms-traffictypediagnostic: DM5PR0901MB2374:
x-microsoft-antispam-prvs: <DM5PR0901MB237408E2BF60FEC04326008DABCD0@DM5PR0901MB2374.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(72170088055959)(192374486261705)(85827821059158);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(10201501046)(3231101)(944501161)(6055026)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(6072148)(201708071742011); SRVR:DM5PR0901MB2374; BCL:0; PCL:0; RULEID:; SRVR:DM5PR0901MB2374;
x-forefront-prvs: 059185FE08
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(396003)(39380400002)(39850400004)(376002)(346002)(377424004)(13464003)(199004)(189003)(93886005)(14454004)(3660700001)(186003)(25786009)(26005)(59450400001)(2906002)(6116002)(4326008)(105586002)(2900100001)(53546011)(6506007)(33656002)(99286004)(81156014)(9686003)(53936002)(8936002)(76176011)(6306002)(81166006)(3846002)(7696005)(2950100002)(316002)(39060400002)(5660300001)(6246003)(3280700002)(229853002)(110136005)(7736002)(345774005)(8676002)(55016002)(305945005)(5250100002)(478600001)(74316002)(6436002)(102836004)(68736007)(106356001)(86362001)(66066001)(97736004); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR0901MB2374; H:DM5PR0901MB2375.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: mitre.org does not designate permitted sender hosts)
x-microsoft-antispam-message-info: gW+KV4af4CaM0sEB5RgVggoHLqMussELd+8FORG3YcnGvG9BY5LDtk3Cei+StE/m+AczgFeNcAXu2VWVLruuz/hzWypLXMAXLQczfH6i7rw7PcT+QR7KdhlF/ce5zbP5+iTd3mUBJp3SzCHTX+v9/IXjLg3RuSha+5hSyBHJrwc=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 4fbb7828-a7f0-4413-999f-08d579fc1117
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Feb 2018 13:56:26.6709 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c620dc48-1d50-4952-8b39-df4d54d74d82
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR0901MB2374
X-OriginatorOrg: mitre.org
X-MITRE: 8GQsMWxq66rxk57w
Resent-From: alias-bounces@ietf.org
Resent-To: cmschmidt@mitre.org, dhaynes@mitre.org, ccoffin@mitre.org, david.waltermire@nist.gov, jmfitz2@nsa.gov, inacio@cert.org, adam.w.montville@gmail.com, odonoghue@isoc.org, Kathleen.Moriarty.ietf@gmail.com, ekr@rtfm.com, kaduk@mit.edu, Karen O'Donoghue <odonoghue@isoc.org>, sacm@ietf.org
Resent-Message-Id: <20180222135634.5B8E712706D@ietfa.amsl.com>
Resent-Date: Thu, 22 Feb 2018 05:56:34 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/111pgnO21Sep0dTVnBPHRH_jDfw>
Subject: Re: [sacm] Genart telechat review of draft-ietf-sacm-nea-swima-patnc-02
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Feb 2018 13:56:34 -0000
Hi Kathleen, I have addressed Dan's, Eric's, and your comments in my current draft and can make the IANA updates quickly. I won't be able to get the comments received late yesterday (Benjamin, Ben, Adam, and Alexey) addressed before 10:00. (Alissa's comments were addressed with Dan's.) Would you like me to send the draft with those updates, or hold off until I can get the last flurry of comments resolved? Also, would it be possible for me to listen in on the telechat? I know it is happening today, but haven't been able to find any information about when (although I'm guessing 10:00) or how to participate. Thanks a bunch, Charles > -----Original Message----- > From: Kathleen Moriarty [mailto:kathleen.moriarty.ietf@gmail.com] > Sent: Thursday, February 22, 2018 6:40 AM > To: Dan Romascanu <dromasca@gmail.com> > Cc: Schmidt, Charles M. <cmschmidt@mitre.org>; draft-ietf-sacm-nea- > swima-patnc.all@ietf.org > Subject: Re: Genart telechat review of draft-ietf-sacm-nea-swima-patnc-02 > > Charles, > > If your running draft addresses all comments, could you please post it before > 10AM? I may be able to approve it on the telechat. > > Thank you for all your work on this and addressing the comments received. > > Best regards, > Kathleen > > Sent from my mobile device > > On Feb 22, 2018, at 3:35 AM, Dan Romascanu <dromasca@gmail.com > <mailto:dromasca@gmail.com> > wrote: > > > > Hi Charles. > > This paragraph is very reasonable and informative for all audiences. > > > Thanks again. > > > Dan > > > > On Thu, Feb 22, 2018 at 12:23 AM, Schmidt, Charles M. > <cmschmidt@mitre.org <mailto:cmschmidt@mitre.org> > wrote: > > > Hi Dan, > > > > Thanks for your response. I agree on all points. I'll add the > following paragraph to the end of the introduction: > > > > "Part of the motivation for the development of SWIMA was > to support the IETF’s Security Automation and Continuous Monitoring > (SACM) architecture. More details about SWIMA’s role in SACM appear in > <xref target=”Relationship”/>. However, SWIMA has no dependencies on > any part of SACM and is usable wherever the NEA architecture is employed." > > > > Does this seem reasonable? (I agree that we need to address > the expectation that people will have to see SACM mentioned in a SACM WG > document, but I also want to make very sure that people don't see SWIMA > as only being applicable in that context.) > > > > Thanks, > > Charles > > > > From: Dan Romascanu [mailto:dromasca@gmail.com > <mailto:dromasca@gmail.com> ] > Sent: Wednesday, February 21, 2018 4:11 PM > To: Schmidt, Charles M. <cmschmidt@mitre.org > <mailto:cmschmidt@mitre.org> > > Cc: gen-art@ietf.org <mailto:gen-art@ietf.org> ; draft-ietf- > sacm-nea-swima-patnc.all@ietf.org <mailto:draft-ietf-sacm-nea-swima- > patnc.all@ietf.org> ; ietf@ietf.org <mailto:ietf@ietf.org> ; sacm@ietf.org > <mailto:sacm@ietf.org> > Subject: Re: Genart telechat review of draft-ietf-sacm-nea- > swima-patnc-02 > > > > Hi Charles, > > Thank you for your response and for addressing my > comments. I feel that they are largely addressed by your proposed > resolution. See also in-line. > > Regards, > > Dan > > > > On Wed, Feb 21, 2018 at 10:50 PM, Schmidt, Charles M. > <cmschmidt@mitre.org <mailto:cmschmidt@mitre.org> > wrote: > > Hello, > > Thanks a bunch for the comments. I'm glad that you > feel that it looks like a solid contribution. > > With regard to your feedback, I have developed > wording to address both your major concerns and wanted to run it by you: > > --- > With regard to the lack of mention of SACM, I agree > that it was an oversight not to mention it in the Relationship to Other > Standards section. I propose adding the following paragraph at the end of > that section: > > "The NEA architecture is intended to support a broad > range of activities and, as such, might be employed by other specifications. > For example, requirement T-001 in the SACM Requirements document (RFC > 8248) notes that NEA can support data collection from endpoints within the > broader SACM architecture. (Other parts of the NEA architecture, which > SWIMA uses, meet the other SACM data transport requirements.) In the > SACM architecture, a SWIMA-PV corresponds to a “SACM Collector” and a > SWIMA-PC is a “SACM Internal Collector”. In the SACM architecture, the > SWIMA specification can support activities relating to software inventory > collection. Specifically, SWIMA supports the SACM “Endpoint Posture > Attribute Value Collection” use case (section 2.1.3 or RFC 7632) by describing > a collection mechanism that enables event driven, scheduled, and ad-hoc > data collection of software inventory information. SWIMA’s flexibility with > regard to the format of inventory data records means that it is compatible > with virtually any data format that implements SACM’s “Define, Publish, > Query, and Retrieve Security Automation Data” (section 2.1.1 in RFC 7632). > This is just one example of how SWIMA can support broader security solution > standards. Note that, while SWIMA can support these SACM use cases, > SWIMA has no dependencies upon the SACM architecture or any other > context in which NEA might reasonably be applied." > > > > This looks good. I would also suggest to add a sentence or > paragraph describing for short the relationship to SACM in the Introduction. > As this is a SACM WG document, some readers would probably expect to see > this relationship mentioned earlier than in Section 9. > > > > > I believe this addresses most of the specific points > you wanted to include. I did not include a terminology mapping to "evidence > record" and "software identifier" because the SACM Terminology definition > of "attribute" is not internally consistent: it states "Attribute - Is a data > element, as defined in [RFC5209], that is > atomic" and "equivalent to attribute-value-pairs". > However, RFC 5209 (NEA) attributes are not atomic in nature, and will consist > of many name-value pairs. (I'll send a separate comment to the SACM list > regarding this.) As such, I'm not sure the terminology draft has a good parallel > at this time and I stuck to the clearer mappings. > > > > I understand your point. Please continue the discussion with > the SACM terminology authors to try to reach consistency. > > > > > > > ----- > > With regard to firmware and OS information, I added > the following to the introduction: > > " Note that while this specification focuses on > “software inventory”, the mechanisms it describes could also be used to > convey information about firmware and operating systems associated with > an endpoint. The focus on software throughout this document should not be > read as excluding the use of SWIMA for these other purposes." > > > > Fine - this is exactly what I was looking for. > > > --------- > > Do these additions adequately address your > concerns? > > Finally, with regard to the following question: > > > 2. Section 3.3 > > ' In the case that it is possible to do so, the > SWIMA-PC SHOULD send > > its SWIMA Response attribute to the SWIMA-PV > that requested it using > > exclusive delivery ...' > > Assuming that 'it is possible to do so' means > support for the mechanism, why > > is this a SHOULD, and not a MUST? > > In the NEA specification, the EXCL flag is only a > recommendation to the Posture Broker Server/Client, and the recipient of a > message with the flag set only "SHOULD" deliver it to a single party. (I realize > that, in retrospect, my assertion that exclusive delivery "ensures" a behavior > is incorrect and will fix that.) As such, saying that implementations MUST set > a flag that only SHOULD be obeyed seems to be of questionable use, > especially given that the specification clearly describes what to do if > messages are not exclusively delivered. > > Let me know if you disagree - I don't feel too strongly > about this, but wanted to explain my thoughts. > > > > Makes sense. > > > > ---- > > Thanks again for the comments. > > Charles > > > > -----Original Message----- > > From: Dan Romascanu > [mailto:dromasca@gmail.com <mailto:dromasca@gmail.com> ] > > Sent: Sunday, February 18, 2018 1:05 PM > > To: gen-art@ietf.org <mailto:gen-art@ietf.org> > > Cc: draft-ietf-sacm-nea-swima-patnc.all@ietf.org > <mailto:draft-ietf-sacm-nea-swima-patnc.all@ietf.org> ; ietf@ietf.org > <mailto:ietf@ietf.org> ; > > sacm@ietf.org <mailto:sacm@ietf.org> ; > dromasca@gmail.com <mailto:dromasca@gmail.com> > > Subject: Genart telechat review of draft-ietf-sacm- > nea-swima-patnc-02 > > > > Reviewer: Dan Romascanu > > Review result: Almost Ready > > > > I am the assigned Gen-ART reviewer for this draft. > The General Area > > Review Team (Gen-ART) reviews all IETF > documents being processed > > by the IESG for the IETF Chair. Please wait for > direction from your > > document shepherd or AD before posting a new > version of the draft. > > > > For more information, please see the FAQ at > > > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq> >. > > > > Document: draft-ietf-sacm-nea-swima-patnc-02 > > Reviewer: Dan Romascanu > > Review Date: 2018-02-18 > > IETF LC End Date: 2018-02-21 > > IESG Telechat date: 2018-02-22 > > > > Summary: > > > > This is a solid and detailed specification, which > extends PA-TNS with specific > > attributes and message exchanges to allow > endpoints to report their > > installed > > software inventory information to a NEA server. It > is Almost Ready from a > > Gen-ART point of view, but there are some > problems that I recommend to > > be > > addressed before approval. The major problem is > related to the complete > > lack of > > information about how this specification fits into > SACM, which SACM > > requirements are addressed, how terminologies > are made consistent and > > how > > entities are mapped. > > > > Major issues: > > > > 1. The document is labeled as a SACM document, > but the text never explains > > the > > connection with the SACM work, or the relation > with the SACM architecture > > and > > framework. There is no reference to SACM > documents either. Section 9 > > 'Relationship with other specifications' does not > mention SACM either. > > > > At a minimum, I believe that the document should: > > - relate to the use cases of SACM - RFC 7632 (it does > this for NEA, but this is > > not sufficient for a SACM document) - ensure > consistency, refer to the > > terminology of SACM (draft-ietf-sacm- > terminology), and provide a mapping > > between the terms and entities defined in this > document (e.g. SWIMA-PC, > > SWIMA-PV, Evidence Record, Software Identifier) > and the SACM > > terminology - > > explain how the message exchanges fit in a SACM > solution to meet the > > requirements defined by RFC 8248. As an example, > RFC 5792 has a detailed > > appendix that evaluates the specifications against > the requirements in RFC > > 5209 > > (NEA requirements). > > > > 2. The charter item that this WG falls under reads: > > > > '- Define an extension of IETF NEA > [https://ietf.org/wg/concluded/nea.html > <https://ietf.org/wg/concluded/nea.html> ] > > to > > collect and deliver information about firmware, > operating systems, and > > software > > installed on an endpoint.' > > > > The document covers in detail software inventory, > but is mute about > > firmware > > and operating systems. Arguably these two would > fall under a broad > > interpretation of 'software' but it would be better - > at least - to provide an > > explanation about these being covered and how, if > not specific attributes > > related to the types of software specified in the > charter. > > > > Minor issues: > > > > 1.Section 2.3: > > > > I believe that the 'Interoperable' requirement is > trivial and unnecessary in > > the text of a Standards-Track document. > > > > ' Interoperable: This specification defines the > protocol for how PCs > > and PVs can exchange and use software > information to provide a NEA > > Server with information about an endpoint’s > software inventory. > > Therefore, a key goal for this specification is > ensuring that all > > SWIMA PCs and PVs, regardless of the vendor > who created them, are > > able to interoperate in their performance of > these duties.' > > > > Interoperability is the obvious goal of any IETF > standards-track document. > > There is no need to repeat such an obvious > statement. > > > > 2. Section 3.3 > > > > ' In the case that it is possible to do so, the > SWIMA-PC SHOULD send > > its SWIMA Response attribute to the SWIMA-PV > that requested it using > > exclusive delivery ...' > > > > Assuming that 'it is possible to do so' means > support for the mechanism, why > > is > > this a SHOULD, and not a MUST? > > > > Nits/editorial comments: > > > > 1. The Abstract section - quotation marks are open > around the first > > document > > name and never closed. > > > > > > >
- [sacm] Genart telechat review of draft-ietf-sacm-… Dan Romascanu
- Re: [sacm] Genart telechat review of draft-ietf-s… Schmidt, Charles M.
- Re: [sacm] Genart telechat review of draft-ietf-s… Dan Romascanu
- Re: [sacm] Genart telechat review of draft-ietf-s… Schmidt, Charles M.
- Re: [sacm] [Gen-art] Genart telechat review of dr… Alissa Cooper
- Re: [sacm] Genart telechat review of draft-ietf-s… Dan Romascanu
- Re: [sacm] Genart telechat review of draft-ietf-s… Kathleen Moriarty
- Re: [sacm] Genart telechat review of draft-ietf-s… Schmidt, Charles M.
- Re: [sacm] Genart telechat review of draft-ietf-s… Benjamin Kaduk
- Re: [sacm] Genart telechat review of draft-ietf-s… Schmidt, Charles M.
- Re: [sacm] Genart telechat review of draft-ietf-s… Benjamin Kaduk
- Re: [sacm] Genart telechat review of draft-ietf-s… Kathleen Moriarty
- Re: [sacm] Genart telechat review of draft-ietf-s… Schmidt, Charles M.