Re: [sacm] Hackathon Goals and Stretch Goals
Adam Montville <adam.w.montville@gmail.com> Mon, 22 May 2017 13:39 UTC
Return-Path: <adam.w.montville@gmail.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57CE412EA74 for <sacm@ietfa.amsl.com>; Mon, 22 May 2017 06:39:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id raDi-hFvPy8h for <sacm@ietfa.amsl.com>; Mon, 22 May 2017 06:39:37 -0700 (PDT)
Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F9AB12E04F for <sacm@ietf.org>; Mon, 22 May 2017 06:39:37 -0700 (PDT)
Received: by mail-io0-x233.google.com with SMTP id k91so81226839ioi.1 for <sacm@ietf.org>; Mon, 22 May 2017 06:39:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qEywv1JEAiloWBIyUvrBZa1LzDHzgkLvg6OOqfl2QmQ=; b=HYpV9Zv3ibFWvT314VlAvpow2VmY6p68T5q7yS6eBIV/xkUxsNPhbELt60xhCzfV4Y uqDnFVu6aUgk8/i6XmlPRrdO6IlafU/9/2naEbIVU1tsNMKys7fx3YPwUCJgZTrQjFye bIF9ohO4U+8C+akX69sxGFG+VqcXHYYs+g7JozE2HiOLzB1Cu67IiiPZgl6qqiMiC9w1 sD7PRqsoli/Qo94xfUBrKAbb+MSb0x2sZ833+UfaoxSCkPVZYaDsfO+Mk77H0W77CIDO skPvrnj080Z8MJSucOL0mKWOaRrkpB4AEpNFjMan2o7L+wUOe/KbCbjKnHCNlXr3jbIB BsOw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qEywv1JEAiloWBIyUvrBZa1LzDHzgkLvg6OOqfl2QmQ=; b=P1VEqTQW7EXxICf/S6TQWx/THWRhvAzR6yoRjuSPC05u4s4mR+INy57sJyjF98d2aI oqyaVjVbW5A1+p++jL6ln/JBrsn05Wz8dY9+4NDoI0VDz+JFAw2CIkaixL9Q9AkdyIFx SLmaLs0kO6ezCOTKLm3fmvUfnC7sPV1Zps5twhVLW1fC0njzeQFLG+rQ9I00TZ/swraX oQk2F2R8aCWBExZlXLCMYMO7fCACE21YjVB9ko/wqTRqBbP71knoWwPY76NwSrA9z+to NUF+r7z9ybZ4h7VgX2DsLVO6BxsWkMTrM5LGvcnPoOtYUl+b7VLDFQ8grz0zxOGD4r0T 05Ig==
X-Gm-Message-State: AODbwcAen8QOXUFUq7PCZWLw2DvUXpV9TtNovUXpbquuzBknJ5OeXhhI rHeShRTl78yyTshbjhlVGXX9VFEOjBR7
X-Received: by 10.107.176.131 with SMTP id z125mr21293654ioe.161.1495460376549; Mon, 22 May 2017 06:39:36 -0700 (PDT)
MIME-Version: 1.0
References: <CACknUNUhqqdumk1wombsAha0TQS4O4dNpajUs2Ak4jWDWZHXaA@mail.gmail.com> <CACknUNUQ_sgw46GsU8LoOq1puEyo8DUnJ4599h0GE=+Nc2Hxow@mail.gmail.com> <MWHPR09MB1440A80762DE455376735978F0E10@MWHPR09MB1440.namprd09.prod.outlook.com> <CACknUNUA0YH5EXQrPJHMWqfp=PZcVc_FpeTR0T9SmRMsteSvhw@mail.gmail.com> <CAA=AuEf_7A4ObvoiGHHzhtzNTS2B3Wxiz+WcBjwc8dqh4z7h2g@mail.gmail.com> <DM5PR09MB1354402E944E81A585B279D1A5E60@DM5PR09MB1354.namprd09.prod.outlook.com> <90838fdd-07be-fdf8-300f-614425d360ec@sit.fraunhofer.de> <CACknUNU-kuGMi8Oass_JT+3CvpAgbm8PAb1_KDTwM6D2X1o-JQ@mail.gmail.com> <CAN40gStPGRW7P6m2m7QrO8awCuksjyQoga4QCD3BzFqa_GN26Q@mail.gmail.com>
In-Reply-To: <CAN40gStPGRW7P6m2m7QrO8awCuksjyQoga4QCD3BzFqa_GN26Q@mail.gmail.com>
From: Adam Montville <adam.w.montville@gmail.com>
Date: Mon, 22 May 2017 13:39:25 +0000
Message-ID: <CACknUNWbEVOyq6G1t4E_vpucypRv3hRyRNfQEM2fGbW36U8epA@mail.gmail.com>
To: Ira McDonald <blueroofmusic@gmail.com>
Cc: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "sacm@ietf.org" <sacm@ietf.org>
Content-Type: multipart/alternative; boundary="001a114532ba852cc605501d00be"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/BI84cxhaGGORAsuTxf8J2Ji9Xn0>
Subject: Re: [sacm] Hackathon Goals and Stretch Goals
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 May 2017 13:39:41 -0000
Ira, thank you for sharing your opinion. I am perfectly fine making such a declaration, but I would like others to chime in also. I know at least one other who believes doing this would be a good idea, but I'm not sure about any sort of consensus on the issue at this point. To your other points, I agree completely - this is proof-of-concept work, not finished product. So, it can be an ugly, but instructional, solution. Adam On Fri, May 19, 2017 at 1:39 PM Ira McDonald <blueroofmusic@gmail.com> wrote: > Hi Adam, > > Chiming in below on one point raised in this Hackathon goals conversation. > > Cheers, > - Ira > > > On Tue, May 16, 2017 at 2:47 PM, Adam Montville < > adam.w.montville@gmail.com> wrote: > >> Hi Henk. I'll try inline. >> >> On Tue, May 16, 2017 at 11:04 AM Henk Birkholz < >> henk.birkholz@sit.fraunhofer.de> wrote: >> > <...snip...> >> > >>> Also, I noticed conflicting notions about how important it is to prepare >>> a message format to convey information between components. While it >>> might not be as critical as "having actual component code to work with", >>> interoperability is key. And if we would agree on a preliminary data >>> structure (probably derived from the current IM), before we start the >>> hackathon, we could save some time during the f2f on-site. It's probably >>> a low hanging fruit also, as I am not talking about every IE to be >>> conveyed, but about the general message structure ("the container") and >>> the corresponding encoding for data in motion. >>> >> >> [AWM] There are differing perspectives on this front. Yes, having a >> common structure could be useful, but it may not be necessary for the >> purposes of this effort. This effort is somewhat different from others that >> I've heard of, in that we are not implementing a solution as much as we are >> discovering one. I do expect that we will discover the structures we need >> as we develop the solution. What do others think about this? Do we need to >> have this information up front, or is it something we can discover as we go? >> > > <ira> For message wire format for the Hackathon, please consider taking > the SACM > Information Model verbatim and using that XSD for XML wire format. > Efficiency is > totally irrelevant. So is elegance. You're trying to do a proof of > concept. Defining > the Hackathon wire format interactively in the room is a time waster idea, > IMO. > >> >> >>> >>> Thoughts? >>> >>> >>> Viele Grüße, >>> >>> Henk >>> >>> >>> >>> >>> On 05/16/2017 05:12 PM, Haynes, Dan wrote: >>> > Seems like a reasonable story to focus around, for the hackathon, to >>> me. >>> > >>> > >>> > >>> > Thanks, >>> > >>> > Danny >>> > >>> > >>> > >>> > *From:*sacm [mailto:sacm-bounces@ietf.org] *On Behalf Of *Jerome >>> Athias >>> > *Sent:* Monday, May 15, 2017 11:12 PM >>> > *To:* Adam Montville <adam.w.montville@gmail.com>; Waltermire, David >>> A. >>> > (Fed) <david.waltermire@nist.gov>; sacm@ietf.org >>> > *Subject:* Re: [sacm] Hackathon Goals and Stretch Goals >>> > >>> > >>> > >>> > I think it's a good idea too. >>> > >>> > I don't know who is supposed to participate to this hackathon? >>> > >>> > Potentially you could market it by capitalizing on real known events, >>> > (without trolling) let's say "new critical vulnerability", "for >>> > preventing ransomware" "FictitousCorp needs to Respond quickly and have >>> > a system to Identify and Protect its endpoints..." >>> > >>> > >>> > >>> > >>> > >>> > On Tue, 16 May 2017 at 00:30, Adam Montville < >>> adam.w.montville@gmail.com >>> > <mailto:adam.w.montville@gmail.com>> wrote: >>> > >>> > I think that's a good idea. How do folks feel about this story? Is >>> > it lacking anything? Is it too specific? What would you change >>> about >>> > it if you could? >>> > >>> > >>> > >>> > On Mon, May 15, 2017 at 12:57 PM Waltermire, David A. (Fed) >>> > <david.waltermire@nist.gov <mailto:david.waltermire@nist.gov>> >>> wrote: >>> > >>> > I was thinking that it would be useful to have a user story to >>> > implement against for the Hackathon. How about something like >>> > the following that maps to our goals: >>> > >>> > >>> > >>> > A vendor identifies a vulnerability in their software product. >>> > They produce a new version of their software and publish a >>> > vulnerability bulletin that indicates customers should upgrade >>> > to the new version to address the vulnerability. The product >>> > versions have both a SWID tag and a CoSWID tag. As a customer >>> of >>> > this vendor that uses the affected products, we need to build a >>> > vulnerability assessment system that is capable of detecting >>> > what version of the software is installed and determine if that >>> > version is vulnerable using the vendor provided information. >>> The >>> > Collector will be capable of gathering software inventory >>> > information from one or more target endpoints by: >>> > >>> > >>> > >>> > 1) Requesting software inventory information for the >>> > affected software based on an ad-hoc request. >>> > >>> > 2) Reporting the software inventory as software changes >>> occur >>> > >>> > >>> > >>> > Collected software inventory information will be stored in the >>> > Assessment Results Repository and will be compared to >>> > vulnerability detection data retrieved from the Vulnerability >>> > Detection Data Repository. The vulnerability detection data >>> will >>> > be derived from the vendor provided information in some useful >>> > way to be determined by the Vulnerability Assessor. >>> > >>> > >>> > >>> > How does this look? >>> > >>> > >>> > >>> > Regards, >>> > >>> > Dave >>> > >>> > >>> > >>> > *From:*sacm [mailto:sacm-bounces@ietf.org >>> > <mailto:sacm-bounces@ietf.org>] *On Behalf Of *Adam Montville >>> > *Sent:* Tuesday, May 09, 2017 3:30 PM >>> > *To:* sacm@ietf.org <mailto:sacm@ietf.org> >>> > *Subject:* Re: [sacm] Hackathon Goals and Stretch Goals >>> > >>> > >>> > >>> > All: >>> > >>> > >>> > >>> > This week Dave and I have had an opportunity to discuss these a >>> > bit further. We've come up with the following set of goals and >>> > outcomes: >>> > >>> > >>> > >>> > GOAL: Running code demonstrating the communication needs >>> between >>> > identified components as they pertain to the on-request >>> > collection case through the scenario, where that case is >>> > described >>> > at >>> https://trac.ietf.org/trac/sacm/wiki/SacmVulnerabilityAssessmentScenario >>> . >>> > OUTCOME: We will have specific understanding of components' >>> > boundaries and the necessary information flows (including >>> > information being communicated) between them. >>> > >>> > >>> > >>> > GOAL: Leverage existing collected data in a data repository. >>> > OUTCOME: Demonstrate that previously collected data can be >>> > reused to support vulnerability assessment >>> > >>> > >>> > >>> > GOAL: Running code to extend that base case to include a >>> > mechanism capable of monitoring a given set of endpoint >>> > attributes for change. OUTCOME: We will have specific >>> > understanding of additional architectural considerations for >>> > handling monitoring vs. on-request collection, as well as any >>> > additional information flows required. >>> > >>> > >>> > >>> > Does anyone care to bash these goal-ouctome pairs in the >>> context >>> > of our hackathon plans? If so, please do so over the next day >>> > or two, otherwise these will become the stated goals for our >>> > hackathon. >>> > >>> > >>> > >>> > Kind regards, >>> > >>> > >>> > >>> > Adam >>> > >>> > >>> > >>> > On Tue, May 2, 2017 at 4:40 PM Adam Montville >>> > <adam.w.montville@gmail.com <mailto:adam.w.montville@gmail.com >>> >> >>> > wrote: >>> > >>> > All: >>> > >>> > >>> > >>> > Last week Dave sent a list of milestones to the list. The >>> > first of which was for the WG to define some goals for the >>> > IETF 99 hackathon. I can see at least one primary goal with >>> > at least one stretch goal. The primary goal is to have >>> > running code demonstrating the basic/ideal case through our >>> > vulnerability scenario, where a new vulnerability is >>> > discovered and we need to reach out all the way to the >>> > endpoint to determine whether it is in fact vulnerable. A >>> > stretch goal might be to have running code demonstrating a >>> > "monitor for this vulnerability from now on" capability >>> (I'm >>> > sure I'm not stating that as well as I could). >>> > >>> > >>> > >>> > Does anyone have additional goals? Or, are there better >>> ways >>> > to state these particular goals (there probably are)? >>> > >>> > >>> > >>> > Kind regards, >>> > >>> > >>> > >>> > Adam >>> > >>> > _______________________________________________ >>> > sacm mailing list >>> > sacm@ietf.org <mailto:sacm@ietf.org> >>> > https://www.ietf.org/mailman/listinfo/sacm >>> > >>> > >>> > >>> > _______________________________________________ >>> > sacm mailing list >>> > sacm@ietf.org >>> > https://www.ietf.org/mailman/listinfo/sacm >>> > >>> >>> _______________________________________________ >>> sacm mailing list >>> sacm@ietf.org >>> https://www.ietf.org/mailman/listinfo/sacm >>> >> >> _______________________________________________ >> sacm mailing list >> sacm@ietf.org >> https://www.ietf.org/mailman/listinfo/sacm >> >>
- [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Jerome Athias
- Re: [sacm] Hackathon Goals and Stretch Goals Tim Harrison
- Re: [sacm] Hackathon Goals and Stretch Goals Tim Harrison
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Kathleen Moriarty
- Re: [sacm] Hackathon Goals and Stretch Goals Haynes, Dan
- Re: [sacm] Hackathon Goals and Stretch Goals Henk Birkholz
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Ira McDonald
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Haynes, Dan
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Henk Birkholz
- Re: [sacm] Hackathon Goals and Stretch Goals Henk Birkholz
- Re: [sacm] Hackathon Goals and Stretch Goals Jerome Athias
- Re: [sacm] Hackathon Goals and Stretch Goals Nancy Cam-Winget (ncamwing)
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Jessica Fitzgerald-McKay
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville