[sacm] sacm-nea-swid-patnc (SWIMA) prototype implementation

Andreas Steffen <andreas.steffen@strongswan.org> Fri, 16 June 2017 10:17 UTC

From: Andreas Steffen <andreas.steffen@strongswan.org>
To: "sacm@ietf.org" <sacm@ietf.org>
Cc: "Schmidt, Charles M." <cmschmidt@mitre.org>
Message-ID: <2e8798e8-42b1-285b-608f-06501b8153eb@strongswan.org>
Date: Fri, 16 Jun 2017 12:17:15 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/1afZvN4GhRZRVSk70hNNb-GMkts>
Subject: [sacm] sacm-nea-swid-patnc (SWIMA) prototype implementation

Hi,

I have just finished a prototype implementation of the SWIMA draft
"draft-ietf-sacm-nea-swid-patnc". The following five PA-TNC attributes
are currently supported (without subscription yet):

 * SW Request
 * Software Identifier Inventory
 * Software Identifier Events
 * Software Inventory
 * Software Events

The C source code can be found in the swima branch of the strongSwan
project:

  https://github.com/strongswan/strongswan/tree/swima/src/libimcv/ietf/swima

Various SWIMA object classes are located here

  https://github.com/strongswan/strongswan/tree/swima/src/libimcv/swima

Unit tests for the PA-TNC message and attributes, achieving nearly
100 % code coverage, are found here

  https://github.com/strongswan/strongswan/blob/swima/src/libimcv/suites/test_imcv_swima.c

The SWIMA attributes can be used with the SW Posture Collector/Validator
pair

  https://github.com/strongswan/strongswan/tree/swima/src/libimcv/plugins/imc_swima

  https://github.com/strongswan/strongswan/tree/swima/src/libimcv/plugins/imv_swima

The SWIMA server log of a live posture session via a PT-TLS connection
is documented here

  https://wiki.strongswan.org/projects/strongswan/wiki/Swima

Best regards

Andreas Steffen

======================================================================
Andreas Steffen                         andreas.steffen@strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Networked Solutions
HSR University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[INS-HSR]==