Re: [sacm] Review on draft-ietf-sacm-ecp-02

"Haynes Jr., Dan" <dhaynes@mitre.org> Wed, 05 September 2018 20:53 UTC


Hi Adam,

More comments inline.


Thanks,

Danny


________________________________
From: Adam Montville <adam.w.montville@gmail.com>
Sent: Wednesday, September 5, 2018 1:25 PM
To: Haynes Jr., Dan
Cc: <sacm@ietf.org>
Subject: Re: [sacm] Review on draft-ietf-sacm-ecp-02

Danny, thanks for going through all my comments, and for addressing those that you did. Please see in line for my responses.

Kind regards,

Adam

On Aug 28, 2018, at 2:13 PM, Haynes Jr., Dan <dhaynes@mitre.org> wrote:

Thanks Adam! I pulled your comments out and have addressed them in-line.

  *   Abstract: Add reference for ECP 1.0.

[Danny]: Addressed.

  *   Section 1.1: Change control “4” to “3” and “. [CIS]” to “[CIS].”

[Danny]: Addressed.

  *   Section 1.1: EPCP not previously defined.

[Danny]: EPCP is expanded in the first sentence of Section 1. Were you looking for something more?

No, I just missed it.

  *   Section 4.2: Does it filter? That’s partial evaluation.

[Danny]: The only filtering occurs in the Posture Broker Server component of the Posture Collection Manager which receives a batch of attributes from the Posture Collection Engine and routes the attributes to the appropriate Posture Validator. With that said, I noticed we have text that says the Posture Collection Manager does not do any evaluation (4.2) as well as text that says the SWID Posture Validator can do evaluation (6.1.5.3.2). We need to update the SWID Posture Validator section to just say it can do some sanity checking and processing of data before storing it in the repository to make it consistent.

Seems sane to me.


  *   Section 4.4: Normative MAY? There MAY be other instances of these :).

[Danny]: In this particular instance, it is non-normative because it’s just discussing the different components and what they can do at a high-level if that makes sense. It might be difficult to make this text normative because for the Posture Collection Engine and Posture Collection Manager components they won’t likely support the same capabilities given the technologies (i.e., data models, protocols, and interfaces) used across endpoint types (e.g., traditional vs. IoT). With that said, there is room to provide normative text for components in the EPCP Implementations section. Given all that, do you think it is okay to leave this text non-normative?

Yes.

  *   Section 5: When is the target endpoint told what attributes matter and their tolerance ranges?

[Danny]: Wouldn’t it be determined by the data models that are called out in the EPCP Implementations section?

That seems like an inference :-) To me, it's better to explain that, but mine is just one opinion.

[Danny]: I think it would be covered in the "provisioning" section in EPCP Transactions. In -03, I updated the "NOTE: TO BE EXPANDED" to say the following.

"An endpoint is provisioned with one or more attributes that will serve as its unique identifier on the network as well as the components necessary to interact with the posture manager. Examples of such identifiers include MAC addresses, serial numbers, hardware certificates compliant with [IEEE-802-1ar], and the identities of hardware cryptographic modules among others. Furthermore, in some cases, an endpoint may need to be provisioned with instantiations of data models if the posture collection engine is expecting posture information in that format. Once provisioning is complete, the endpoint is deployed on the network."

Does this help make it clearer? Or, if not, is there any text that you would like to see?


  *   Section 5.1: NOTE: TO BE EXPANDED before WGLC?

[Danny]: Yes, we will update this in the next draft.

  *   Section 5.6: It feels odd to allow authorized repo access w/o specifying an interface. That said…may have a good idea for such a draft down the road a place.

[Danny]: Given that we don’t actually have a protocol or interface for this, I think it’s more of a note of what we want when we develop one. So, I think we are in agreement here?

Seems that way.

  *   Section 6.2.4: Why not support fetch/polling via NETCONF and RESTCONF now?

[Danny]: This should be supported through NETCONF and RESTCONF now. This text is just trying to say that we also want to support the self-reporting capabilities provided by Yang Push once it’s an RFC.

Ok. Is it worthwhile to also state NETCONF/RESTCONF?

[Danny]: Section 6.2 contains normative references to NETCONF/RESTCONF. Are you looking for something more?

  *   Section 6.3: Change “Update the policy…” to “Establish and update the policy…”

[Danny]: Addressed.

  *   Section 6.3: Why shouldn’t the API offer commands and policy interaction?

[Danny]: Are you asking why the API shouldn’t offer endpoints the ability to issue commands and policy interactions?

No. The API is enabling query, but no proactive tasks. How are policies managed? Seems that the API should enable that as well.

[Danny]: I think I am confused. Doesn't the API already support managing the policy in section 6.3 (i.e., establish and update the policy)?

  *   Section 7.2/7.3: Aren’t vulnerability searches part of vulnerability management?

[Danny]: I don’t see any reason why these two sections can’t be combined.

Seems reasonable.


  *   Section 13: First paragraph in Security Considerations feels superfluous.

[Danny]: Seems reasonable to remove the first paragraph.

  *   Section 13.1: Do we need to discuss benefits? Feels introductory.
  *   Section 13.1: Says “A second security consideration…”. Unclear what the first was.

[Danny]: Seems reasonable to just remove this section. If there is anything we really feel we need, let’s just succinctly work it into the Introduction section.

Cool.


  *   Section 13.2: This is where I usually expect Security Considerations to start.

[Danny]: Agree. RFC 3552 states the purpose of the Security Considerations section is “…to encourage document authors to consider security in their designs and to inform the reader of relevant security issues...”.

  *   Section 13.2.1: “….a certain percentage of endpoints will always get compromised…”. This could be clarified. There will always be a certain percentage compromised.

[Danny]: Addressed. Reworded to “While the EPCP provides substantial improvements in endpoint security as described in Section 13.1, endpoints can still be compromised. For this reason, all parties must regard data coming from endpoints as potentially unreliable or even malicious…”.

Thumbs up.

  *   Section 13.3: A lot of the countermeasures read like CIS Controls. Could get some love for CIS as a reference even Benchmarks. Really like the idea of referencing CIS Controls and NIST 800-53 controls.

[Danny]: Great idea! Would you be willing to include the references? We will gladly give you authorship credits for it :).

Sure. Give me a few days??

[Danny]: Sounds good to me.

  *   Section 14: Not sure how Privacy Considerations will be received, but, it is the sane to me.

[Danny]: Great.

  *   All: Various editorial changes (add/remove words, commas, etc.)

[Danny]: Addressed.

Thanks,

Danny



From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of Adam Montville
Sent: Thursday, August 23, 2018 11:25 AM
To: <sacm@ietf.org>
Subject: [sacm] Review on draft-ietf-sacm-ecp-02


All:

Over the past few weeks I've been reviewing this draft and providing comments along the way to the draft authors. Now that I'm through the entire draft, I'm posting it here for the entire group to see. I apologize in advance if you have difficulty reading my annotations in the PDF.

Kind regards,

Adam
