Re: [sacm] Request for participants - Content Repository Specification Development
Gunnar Engelbach <Gunnar.Engelbach@ThreatGuard.com> Fri, 11 May 2012 16:42 UTC
Return-Path: <gunnar.engelbach@threatguard.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 704A321F85D4 for <sacm@ietfa.amsl.com>; Fri, 11 May 2012 09:42:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.067
X-Spam-Level:
X-Spam-Status: No, score=-0.067 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MISSING_HEADERS=1.292, SARE_LWSHORTT=1.24]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IQsteg4Velqq for <sacm@ietfa.amsl.com>; Fri, 11 May 2012 09:42:46 -0700 (PDT)
Received: from server.threatguard.com (server.threatguard.com [207.55.247.173]) by ietfa.amsl.com (Postfix) with ESMTP id 8A39221F8517 for <sacm@ietf.org>; Fri, 11 May 2012 09:42:46 -0700 (PDT)
Received: (qmail 26998 invoked from network); 11 May 2012 10:45:49 -0700
Received: from h69-130-58-233.cntcnh.dsl.dynamic.tds.net (HELO ?172.16.1.227?) (69.130.58.233) by 207.55.247.241 with ESMTPSA (DHE-RSA-AES256-SHA encrypted, authenticated); 11 May 2012 10:45:48 -0700
Message-ID: <4FAD4190.4040509@ThreatGuard.com>
Date: Fri, 11 May 2012 12:42:56 -0400
From: Gunnar Engelbach <Gunnar.Engelbach@ThreatGuard.com>
Organization: ThreatGuard, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
References: <CBD00675.32964%kent_landfield@mcafee.com>
In-Reply-To: <CBD00675.32964%kent_landfield@mcafee.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: SCAP-DEV@nist.gov, sacm@ietf.org
Subject: Re: [sacm] Request for participants - Content Repository Specification Development
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sacm>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 May 2012 16:42:48 -0000
I'm not going to make any other comments at this point other than noting that this is a worthwhile effort, so count me in. --gun ThreatGuard, Inc. On 5/11/2012 12:35 PM, Kent_Landfield@McAfee.com wrote: > Mike I love it when you tee something up like that…. ;-) Thank you. ;) > > Mike wrote: > > I still think that any specification for a repository is wishful > thinking until someone builds one and learns the lessons it will just be > another whitepaper spec. I believe the DoD needs to incorporate a > metadata repository as part of it and other customizations that may not > be useful for everyone. > > We need to talk more… > > > If you are talking about a holistic, complete federated approach to a > content repository, I some what agree. If you are talking about an > organizational repository, I totally disagree. But you knew I would. ;) > > > Here is how I see the problem. There is an immediate need for SCAP and > other related content to be served up inside an organization. Today we > have situation where the standards allow us to provide sites the > capability to have a single SCAP implemented policy they call official > for their environment. Yes this is a rather simplistic since there are > things such as targeting specific platforms, specific operational use > needs, but for now lets agree SCAP is a massive improvement over the > proprietary situations of the past. While we have created this standard > content so that sites can implement their local site security once and > then assure they are measuring all appropriately targeted devices the > same way, we have failed to support the operational needs of the sites. > We have a situation where no two vendors distribute content the same > way. This causes massive problems for the administration staff when they > need to incorporate a new SCAP enabled product into their architecture. > They need to discover how the new product supports distributing SCAP > content to it's various components. If they have one product then they > do this one and they are done. If they have multiple products they will > have to figure out how to minimize the impact by incorporating the > update process for the new product into the existing SCAP security > content processes. Now when the inevitable happens and the site staff > needs to make a change to their security policy, they have to make the > modifications to the benchmark or checks or both and then distribute > those updates across their network. For each SCAP enabled product they > have in place, they have doubled, tripled or more the work needed to > make those updates available. > > > There is another content repository problem and that is the Federated > Content Distribution. If you think global DNS you have a general frame > of reference. The guidance authors need to be able to publish content in > an authoritative manner so their content is updated in a timely fashion. > This is a much harder problem to solve if there is no local > organizational infrastructure to support it. ;) > > > So here is what I am thinking… We should consider addressing these as > two separate but integrated efforts. I believe the Organizational > Content Repository is the more critical piece that is actually easier to > address. The Federated Content Distribution should be a subsequent > effort integrating / augmenting the Organizational repository > specification. > > > Mike, to your point that we need someone to build one first… That has > happened already. I have one as do other vendors but what we don’t have > is the access specification. Ours are focused on our specific product > needs. Additionally there is a company that has developed a commercial > SCAP content repository that will be announced later this month. I won't > steal their thunder but I was recently given a sneak peek at it and I > must admit I was very impressed. Again, to your point, it has been done. > What is needed to address the initial operational problem is to develop > a specification that provides a consistent means for all SCAP products > to retrieve the appropriate content as configured and managed but the site. > > > TO THAT END…. > > > I am requesting participation from those in the community that see the > need and want to put in the work to make this specification happen. I > have talked to a couple of you but I do not want to assume your > participation. If you are interested please contact me so we can get > this started. > > > Thanks! > > > *Kent Landfield* > Director Content Strategy, Architecture and Standards > > *McAfee | An Intel Company* > 5000 Headquarters Dr. > Plano, Texas 75024 > > Direct: +1.972.963.7096 > Mobile: +1.817.637.8026 > *Web: *www.mcafee.com <http://www.mcafee.com/> > > From: <Kinney>, Michael A <m.kinne@radium.ncsc.mil > <mailto:m.kinne@radium.ncsc.mil>> > To: David Waltermire <david.waltermire@nist.gov > <mailto:david.waltermire@nist.gov>>, SCAP-DEV <SCAP-DEV@nist.gov > <mailto:SCAP-DEV@nist.gov>>, "sacm@ietf.org <mailto:sacm@ietf.org>" > <sacm@ietf.org <mailto:sacm@ietf.org>> > Subject: Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > Dave, > > I have no problem with webinars, I do want to keep developer days > actionable and use it to make decisions, and vote and accomplish > things good or bad. I do not want this to be an informational > briefing conference. > > Thanks for the links. > > I still think that any specification for a repository is wishful > thinking until someone builds one and learns the lessons it will > just be another whitepaper spec. I believe the DoD needs to > incorporate a metadata repository as part of it and other > customizations that may not be useful for everyone. > > We need to talk more… > > -Mike > > *From:*Waltermire, David A. [mailto:david.waltermire@nist.gov] > *Sent:* Tuesday, May 08, 2012 10:44 AM > *To:* Kinney, Michael A; SCAP-DEV; sacm@ietf.org <mailto:sacm@ietf.org> > *Subject:* RE: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > Mike, > > What about having webinars in-place of the 30 minute briefs? > > Regarding content management, we are building the prototype content > repository for use in a production environment. As an open source > project, it will be free for use by anyone interested. My thinking > is that this project can bridge the gap until commercial solutions > are available to augment it. This is a similar path that was > followed with DNS (bind) and HTTP (apache). When it is ready for > use, I am hoping to use it to host USGCB content. You would be > welcome to use it for your needs. > > It is good that OCIL is moving forward. This is an important piece > of supporting risk management and aspects of continuous monitoring. > I would also like to see some discussion on OCIL at Developer Days. > With the proposals we will likely have a sense of what needs to be > discussed and what we can achieve consensus on outside the meeting. > > Remediation is a topic near and dear to my heart. I too would like > to see it move forward. > > We just published the draft ASR specification for public comment. > This specification supports enterprise aggregate reporting which > greatly reduces the data volumes needed verses detailed host-based > reports. This specification has been designed as a more robust > replacement for LASR. It can be used in continuous monitoring > applications to support aggregate data reporting needs (e.g. FISMA > reporting, CyberScope). > > Here are the links: > > http://csrc.nist.gov/publications/PubsDrafts.html > > http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7848 > > The primary reason we have suggested waiting on XCCDF is not the > internationalization issue. Many vendors have commented that they > are still working on implementing the XCCDF 1.2.1 specification. We > will be in a better place in a few months once more development > around XCCDF has occurred. As we consider changes to the SCAP stack > to address OCIL and other issues, we will identify areas that need > improvement in XCCDF. These are good and necessary discussions to > have now, but we have a good deal of work to do before we are ready > to open up XCCDF. My suggestion is to work on these related areas > and then work up change proposals for XCCDF as needed. By that time > we should be ready to work on a new revision of XCCDF. > > I am also looking forward to the discussions at the conference. It > has been too long. > > Sincerely, > > Dave > > *From:*Kinney, Michael A [mailto:m.kinne@radium.ncsc.mil] > *Sent:* Tuesday, May 08, 2012 7:09 AM > *To:* SCAP-DEV > *Cc:* Waltermire, David A. > *Subject:* RE: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > Kent, > > It’s good to read your thoughts, and a realistic actionable approach > is indeed needed. Since all the activity hasn’t been on the lists a > brief 1Ž2 hour recap may be in order to bring everyone up to speed > since there has been a lot of activity on CPE/SWID, OCIl, MAEC/CybOX > CEE and others. > > We could write a content repository specification, but without > someone willing to stand one up it will be as valuable as the CCSS > specification is today. I’ve been trying for two years to get my > management to get a coordinated effort together for the DoD to stand > up a repository, it is a tough problem and will require funding with > a tail, I’m not sure a specification will solve that problem. > > We (DoD) have been putting a lot of effort into OCIL over the last > year trying to make it useful in an enterprise environment and will > be posting our ideas to the list before developer days it should > have already started, we need to get consensus and a vote on how the > community wishes to proceed. > > Remediation is stalled but I’m making every effort to get it kick > started from our perspective. I hope to assist in getting the draft > ERI finished this year. We are writing some new STIG content and > intend to used the draft CRE specification to insert CRE into the > content so we (DoD) can do some automatic configuration fixes, part > of a self healing network concept. It is just a start but the best > we can do at this point. > > Enterprise reporting is an interesting subject, since XML adds size > to and content to roll up reporting, in any enterprise of size the > problem gets greater, I look forward to your thoughts on that subject. > > I am concerned that the internationalization efforts are detracting > from efforts to meet use cases, we have some things we would like > changed in XCCDF to support our OCIl use case and I have been told > that I need to wait. I didn’t think that a move to > internationalization should impede efforts to move forward with use > cases. > > I look forward to talking with you at the conference. > > v/r > > Mike Kinney > > Project Director > > Computer Network Defense Research and Technology (CND R&T) Office > > 9800 Savage Road Ste 6767 > Ft Meade, MD 20755-6767 > Phone: 410-854-4422 > NSTS: 968-8886 > Fax 410-854-4681 > > makinn2@nsa.gov <mailto:M.kinne@radium.ncsc.mil> > > *From:*scap-dev@nist.gov <mailto:scap-dev@nist.gov> > [mailto:scap-dev@nist.gov] <mailto:[mailto:scap-dev@nist.gov]> *On > Behalf Of *Waltermire, David A. > *Sent:* Monday, May 07, 2012 7:09 PM > *To:* Multiple recipients of list > *Subject:* RE: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > Kent, > > I like what you are saying here. We are also in support of this type > of approach. We would like to see some community discussion around > what are the key areas/priorities that the community would like to > see discussed at Dev Days. Your topics below look like a good start. > The SACM list might be a better venue than the OVAL list for this > discussion. For each area we should focus the discussion around > developing objectives for each session. The sessions can be time > boxed based on what would be a reasonable amount of time to > accomplish each objective. For example if continuous monitoring is a > priority and collectively it takes 3 days to work through all the > objectives, I see no problem with that. We can also keep a few > sessions “on deck” if all the objectives are reached and we complete > all the scheduled sessions early. > > Thoughts? > > Sincerely, > > David Waltermire > > SCAP Architect > > National Institute of Standards and Technology > > (301) 975-3390 > > david.waltermire@nist.gov <mailto:david.waltermire@nist.gov> > > *From:*scap-dev@nist.gov <mailto:scap-dev@nist.gov> > [mailto:scap-dev@nist.gov] <mailto:[mailto:scap-dev@nist.gov]> *On > Behalf Of *Kent_Landfield@mcafee.com <mailto:Kent_Landfield@mcafee.com> > *Sent:* Monday, May 07, 2012 4:25 PM > *To:* SCAP-DEV > *Subject:* Re: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > All, > > I would like to discuss the format for the SCAP Developer Days that > seems to be listed below. > > I see this appears to follow a path we have discussed in the past as > the way not to hold a Dev Days event. We have been trying to get > away from 'Death by Powerpoint' and back to the type of event we > held years ago when we were highly productive. In the past we had a > topic to be discussed and a time box to work within. That allowed us > to have very active brainstorming sessions in a high bandwidth > environment. > > At past Summer events we have got into a pattern of lots of > powerpoint, lots of status of the efforts and very little discussion > about things that need active discussions. We need to keep moving > forward and making progress as an effort. We can get status from > various places such as the lists, a presentation being sent out in > advance, a webinar if it is felt there will be questions and answers > from those that are new to the efforts. We have a limited amount of > time and all who are attending are investing a great deal of time > and money to be there. We should not be spending a great deal of > time reeducating everyone when we could be focused on advancing > needed efforts. > > The type of approach to a Dev Days event was discussed at the last > Summer Dev Days. I have seen the following work quite well in other > efforts. > > 1. Presentations are sent out to the attendees and the lists a week > in advance. > 2. Status for any effort is limited to 30 minutes > 3. Focused brainstorming time should be established for certain > areas that need real work by the community > 4. Efforts to be discussed should be based on needs of the security > automation space to move existing efforts to completion. > > For example: > > Continuous monitoring is a major direction the efforts are becoming > involved with. There are going to be things we need to do as a > security automation community to be able to accomplish what is > listed in the CAESARS FE. There are interfaces that need to be > worked and established. That is one area that is not listed below. > CM will have a major impact on all of us in the next couple years > and it is being ignored. We can't keep trying to solve what has > already been solved. We need to address the needed interface > development now. This is an effort that could take nearly a whole > day by itself. > > Operationally we have a real need to be able to deliver SCAP content > internally within an organization. Today the SCAP vendors cannot > share a single local site security policy (XCCDF + OVAL + CPE +…) > without the site staff having to go to each of the individual > products and figuring out how to inject that new or updated policy > into that products delivery mechanisms. That is limiting sites from > wanting to buy multiple focused SCAP products since they are such a > pain to manage from a content perspective. It is easier to buy from > one vendor that has a single means for distributing content than it > is to deal with the management issues that having multiple SCAP > products presents. We need to have at least an entire 1/2 a day on > the development of a Content Repository specification. > > OCIL is a positive and a negative at the same time. It has real > value that is being underutilized and under implemented because of > the limitations of how it addresses uses in an enterprise > environment. People don't need security automation to do things > on/for a single host. They need security automation to focus on the > enterprise issues that reduce their costs and improve their > efficiencies. OCIL is failing in the enterprise and we all > understand that. We need to address developing a definitive solution > for incorporating OCIL into the enterprise and that means into the > existing specifications. Scheduling and tracking are key to it's > success. We need to make that happen. This too needs a focused > brainstorming time box to discuss options. > > I am really disappointed that Remediation is not on the list below… > Yes, last Summer Dev Days, the time spent on Remediation was wasted > time but that does not mean we should ignore it and not try to make > some real progress. As far as I am concerned we need to reboot the > remediation effort. We cannot keep being the set of specifications / > tools that act as the little boy crying "Wolf" in the night. We need > to be able to find and fix issues if we are going to really make a > difference in organizational security postures. But today we think > it is too hard so we don't try ? I think we need a couple hours to > discuss the reboot of the effort even if that means minimizing work > already done. > > A focused discussion on enterprise reporting is also critically > needed. For the vendors here, we have all gone through the > Cyberscope goat rope, delivering limited capabilities to specific > data call requirements of the Federal Agencies. The initial effort > was a mess, did little more than prove it was possible and cause the > vendor community a great deal of thrashing to put a kludgey > 'solution' in place. Reality is all our customers need roll up > reporting and an infrastructure that supports it. A data call should > not be special to anyone other than the agencies responding. The > tools should be able to select the types of data needed and deliver > that on a scheduled basis automatically. Enterprise Reporting > pertains to commercial as well as Federal customers. We need to > focus some time on what that would look like using the ARF and ASR > as the foundational pieces. But there are missing pieces…. We need > this discussed. > > I would hope we can make this summer's SCAP Dev Days useful in > advancing the security automation efforts by addressing some of the > more critical issues our customers are facing now or will be facing > in the very short term. Status presentations are not interesting to > those active in the efforts. Let's try to do those before we get to > Bedford so we can real make some progress while we are all in the > same room. This is always a big event for the 'consensus of the > willing' that assemble and driven to see security automation make a > difference. Let's see if we can have an event that, when we all walk > out the last day, we all feel that every minute was well spent and > moves us forward. > > Thanks. > > *Kent Landfield* > Director Content Strategy, Architecture and Standards > > *McAfee | An Intel Company* > 5000 Headquarters Dr. > Plano, Texas 75024 > > Direct: +1.972.963.7096 > Mobile: +1.817.637.8026 > *Web: *www.mcafee.com <http://www.mcafee.com/> > > *From: *<Boczenowski>, Steve <sboczeno@MITRE.ORG > <mailto:sboczeno@MITRE.ORG>> > *Reply-To: *"OVAL Developer List (Closed Public Discussion)" > <OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG>> > *To: *"OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG>" > <OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG>> > *Subject: *Re: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > Frank; > > We hope to have the registration site up next week. The event > will be during the week of July 9 – starting Monday at 10:00 AM > and ending on Friday at 12:00. > > Meanwhile, we are working on the agenda and are currently > considering this list of topics: > > CCE > > CPE/SWID > > CEE > > XCCDF > > OVAL > > ASR > > Enterprise OCIL > > CybOX/MAEC > > Federated Content Repository Spec > > Endpoint Reporting for Continuous Monitoring and Compliance (ERCC) > > MILE > > TAXII > > IF-M for SCAP > > IF-MAP > > SCAP Releases > > SCAP and IETF > > NETCONF and SCAP > > Steve > > *From:*Frank Lindsay Acker [mailto:afrank@NOVA.EDU] > *Sent:* Tuesday, May 01, 2012 9:32 AM > *To:* oval-developer-list OVAL Developer List/Closed Public > Discussion > *Subject:* Re: [OVAL-DEVELOPER-LIST] Security Automation > Developer Days: Summer 2012 at MITRE in Bedford, MA > > Steve.... > > Has there been any additional information regarding this event? > > Thanks, > Frank Acker > > ------------------------------------------------------------------------ > > *From:*Boczenowski, Steve [sboczeno@MITRE.ORG > <mailto:sboczeno@MITRE.ORG>] > *Sent:* Tuesday, March 20, 2012 16:38 > *To:* OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG> > *Subject:* [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > Save the Date: week of July 9, 2012 > > This year’s MITRE-hosted Security Automation Developer Days > event will be held during the week of July 9, 2012 at MITRE’s > facility in Bedford, MA. > > Details to follow. > > Regards, > > Steve > > ______________________________________________ > > /Stephen P. Boczenowski/ > > The MITRECorporation > > Office: (781) 271-7682 > > Cell: (978) 302-3849 > > sboczeno@mitre.org <mailto:sboczeno@mitre.org> > > To unsubscribe, send an email message to > LISTSERV@LISTS.MITRE.ORG <mailto:LISTSERV@LISTS.MITRE.ORG> with > SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you > have difficulties, write to > OVAL-DEVELOPER-LIST-request@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST-request@LISTS.MITRE.ORG>. > > To unsubscribe, send an email message to > LISTSERV@LISTS.MITRE.ORG <mailto:LISTSERV@LISTS.MITRE.ORG> with > SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you > have difficulties, write to > OVAL-DEVELOPER-LIST-request@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST-request@LISTS.MITRE.ORG>. > > To unsubscribe, send an email message to > LISTSERV@LISTS.MITRE.ORG <mailto:LISTSERV@LISTS.MITRE.ORG> with > SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you > have difficulties, write to > OVAL-DEVELOPER-LIST-request@LISTS.MITRE.ORG > <mailto:OVAL-DEVELOPER-LIST-request@LISTS.MITRE.ORG>. > > > > _______________________________________________ > sacm mailing list > sacm@ietf.org > https://www.ietf.org/mailman/listinfo/sacm
- Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automat… Adam Montville
- Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automat… Waltermire, David A.
- Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automat… Kinney, Michael A
- [sacm] Request for participants - Content Reposit… Kent_Landfield
- Re: [sacm] Request for participants - Content Rep… Gunnar Engelbach
- Re: [sacm] Request for participants - Content Rep… Michael Hammer
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Natale, Bob
- Re: [sacm] Request for participants - Content Rep… Gunnar Engelbach
- Re: [sacm] Request for participants - Content Rep… Chandrashekhar B
- Re: [sacm] Request for participants - Content Rep… Andrew Bove [SA]
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Kent_Landfield
- Re: [sacm] Request for participants - Content Rep… kathleen.moriarty
- Re: [sacm] Request for participants - Content Rep… Gunnar Engelbach
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Panos Kampanakis
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Chandrashekhar B
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Panos Kampanakis
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Panos Kampanakis
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Michael Hammer
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Michael Hammer
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Sean Turner
- Re: [sacm] [scap-dev] Request for participants - … Halbardier, Adam [USA]
- Re: [sacm] [scap-dev] Request for participants - … Halbardier, Adam [USA]
- Re: [sacm] Request for participants - Content Rep… Chandrashekhar B
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Luis Nunez
- Re: [sacm] Request for participants - Content Rep… Chandrashekhar B