[sacm] Re: Some comments about draft-ietf-sacm-ecp-02:

"Xialiang (Frank, Network Integration Technology Research Dept)" <frank.xialiang@huawei.com> Wed, 29 August 2018 01:27 UTC

From: "Xialiang (Frank, Network Integration Technology Research Dept)" <frank.xialiang@huawei.com>
To: "Haynes Jr., Dan" <dhaynes@mitre.org>, "draft-ietf-sacm-ecp.authors@ietf.org" <draft-ietf-sacm-ecp.authors@ietf.org>
CC: "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: Some comments about draft-ietf-sacm-ecp-02:
Thread-Index: AdQ6stykQ81ODcpdQGqWGrUg/llyvwEIMcvAABjyhiA=
Date: Wed, 29 Aug 2018 01:27:27 +0000
Message-ID: <C02846B1344F344EB4FAA6FA7AF481F12C8567B5@dggemm511-mbx.china.huawei.com>
References: <C02846B1344F344EB4FAA6FA7AF481F12C851426@dggemm511-mbs.china.huawei.com> <DM6PR09MB2714DD4F6AC160D4F4637DBEA50A0@DM6PR09MB2714.namprd09.prod.outlook.com>
In-Reply-To: <DM6PR09MB2714DD4F6AC160D4F4637DBEA50A0@DM6PR09MB2714.namprd09.prod.outlook.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/CypqocFRcL_GXoCq47bEeK_3aH8>
Subject: [sacm] Re: Some comments about draft-ietf-sacm-ecp-02:

Thanks!

From: Haynes Jr., Dan [mailto:dhaynes@mitre.org]
Sent: August 29, 2018 2:55
To: Xialiang (Frank, Network Integration Technology Research Dept) <frank.xialiang@huawei.com>; draft-ietf-sacm-ecp.authors@ietf.org
Cc: sacm@ietf.org
Subject: RE: Some comments about draft-ietf-sacm-ecp-02:

Hi Jess,

Here’s how I was planning to respond to Frank. Does this all seem reasonable to you as well?

Thanks,

Danny

---------------

Hi Frank,

Thanks for the feedback! Comments inline below.

From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of Xialiang (Frank, Network Integration Technology Research Dept)
Sent: Thursday, August 23, 2018 4:03 AM
To: draft-ietf-sacm-ecp.authors@ietf.org<mailto:draft-ietf-sacm-ecp.authors@ietf.org>
Cc: sacm@ietf.org<mailto:sacm@ietf.org>
Subject: [sacm] Some comments about draft-ietf-sacm-ecp-02:

Hi authors,
I have reviewed the latest draft, and think it’s useful to specify the endpoint posture collection profile with a document in sacm WG.

My personal feeling is that this draft is very comprehensive and general, but does not go into depth in terms of protocol, interface, data model…
So, it’s kind of a design guidance / framework overview document, aiming to help specify more concrete ECP protocols/models. Is my understanding right?

[Danny]: Correct. Our intent is to have this document be a best-practices document for how to use various data models, protocols, and interfaces for the on-going collection and assessment of endpoint information, as well as the ability to expose that information to other tools.

In addition, I have some specific comments on current draft, as follow:

1.       Is it going to be a Standard Track draft? Since I see you mentioned in the abstract it mainly describes the best practices, maybe an Informational draft is more suitable?


[Danny]: I think I forgot to change that in the last draft, but, we would like to see this draft published as a BCP since it discusses the best practices for using IETF and TCG standards for endpoint assessment.



2.       What is the relation of the ECP with the SACM architecture? ECP is one component of the large SACM architecture, or is using the SACM architecture, or part of it?


[Danny]: ECP intends to provide the best practices for part of the architecture. Specifically, around the collector (Posture Collection Engine), repository (Repository), evaluator (Evaluator), and orchestrator (Orchestrator) components. With that said, there are currently no protocols or interfaces defined for the repository, evaluator, and orchestrator components. So, at the moment, ECP only provides best practices for the collection of information from the endpoint and the communication of that information to the posture manager.


3.       In Figure 1, can the Endpoint support the pub/sub interaction with the Orchestrator?


[Danny]: I don’t believe so. I think the thought was that the Endpoint would interact with the Posture Manager (i.e., just collection) and the Orchestrator would be involved on the other side of the diagram.

Jess: It looks like this was discussed further at IETF 101, but, it’s not clear to me from the notes what the outcome was (https://datatracker.ietf.org/doc/minutes-101-sacm/). Do you recall what it was? I wasn’t at IETF 101.



4.       I think the term NETMOD is not suitable in this document, since NETMOD (WG) is mainly about the various models definition. NETCONF is better for expressing the whole network devices management protocol.

[Danny]: Addressed.


B.R.
Frank