Re: [sacm] Eric Rescorla's No Objection on draft-ietf-sacm-nea-swima-patnc-02: (with COMMENT)
Eric Rescorla <ekr@rtfm.com> Tue, 20 February 2018 14:56 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 978D612D875 for <sacm@ietfa.amsl.com>; Tue, 20 Feb 2018 06:56:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8lQSEGXGO02Y for <sacm@ietfa.amsl.com>; Tue, 20 Feb 2018 06:56:36 -0800 (PST)
Received: from mail-qt0-x22c.google.com (mail-qt0-x22c.google.com [IPv6:2607:f8b0:400d:c0d::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7C3112D86D for <sacm@ietf.org>; Tue, 20 Feb 2018 06:56:17 -0800 (PST)
Received: by mail-qt0-x22c.google.com with SMTP id d26so16647312qtk.10 for <sacm@ietf.org>; Tue, 20 Feb 2018 06:56:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=nxXQ+E3lcWQVS1i06HmiQj6BACngCJ+t9VxH82317tY=; b=lFoVfBN9tTvExkR6pnLqEN+i2ybtUDXCikuLAgb0nFedjBl0t2nHTNRTfezXy+nIFr zsT5Umjo6OPJxCEe+fChr5u76L7kK6cezlcWjvInnB27Tj9/99jY/7H/6wU1j2jg6jUk oqh+8UNTtwFheacFaGJ0e8SJRe0FpfN1eoI822wSvKAXHHYcGzi0OH/JF05mQ8sY1IG1 i9C5xAoNUmuLy1FPD6UDRq0+r/mGNzTS7dGKNWcgu1V7JkTtukkmwtnyB9UVvdGNDms1 OTBJXbeJYAgUg130kX80IM+SPu7EPEwT0VsjbIl0nMDR4wweG/oVCUxW3nXvamk17GX6 bc7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=nxXQ+E3lcWQVS1i06HmiQj6BACngCJ+t9VxH82317tY=; b=iEXl57VPxupFmbV9zwtPETnb/5q0nWjxlv38bs7poecirhBBiq43HBrwXxJwJZ0O1g pSv8eyLscl4g/8WqGaIEqiuTy/0n4oaBMfxrje3Nw+cvFz4KnPv5G33en2HVNL4aaJv1 5qGAoZFRiBil8R+jEcPk7B8ZoE9kzdtpC1zL1898XDqD+RfRHhiYXLdrZ1/5oAyKrB3h yqCFvAHW8tq24SwLL2Hj5PMEltbIuBooSmmmjXL7fF4YbMoZ5ojgDVvSQClAEiMDHVa+ OXIK0p+iSL5hST5xvG2DtP1XfszZwUqiDcNZegPDoLmWh84NEHoqCKtgApG0ILVlq+j0 jXZg==
X-Gm-Message-State: APf1xPDCVI3da55FGe15SRpyyv4mYPAUGXnr1CN2lmv6Ccr9QL5XhAlL Y3cOJZC7eCHD0r4/xl8FqVMbSRSQmvPI2KuLXiFT3A==
X-Google-Smtp-Source: AH8x224FjmZ0ig2ztpO9Z6cdEc1HjAbezxSU3MuFYSXBDWzsjuUnwmlgqWn3Hg1R4ch9LDj00ATtneZ3dJszsCzFcmE=
X-Received: by 10.200.7.77 with SMTP id k13mr11481964qth.165.1519138576634; Tue, 20 Feb 2018 06:56:16 -0800 (PST)
MIME-Version: 1.0
Received: by 10.200.37.176 with HTTP; Tue, 20 Feb 2018 06:55:35 -0800 (PST)
In-Reply-To: <DM5PR0901MB2375D9F81A87C7FB44F934F1ABCF0@DM5PR0901MB2375.namprd09.prod.outlook.com>
References: <151905929469.18606.10098529260116686519.idtracker@ietfa.amsl.com> <DM5PR0901MB2375D9F81A87C7FB44F934F1ABCF0@DM5PR0901MB2375.namprd09.prod.outlook.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 20 Feb 2018 06:55:35 -0800
Message-ID: <CABcZeBNrZMGPpNs3NbyQ6m0QXu8C4rCf4kcdnY3k3_cS3SoSDg@mail.gmail.com>
To: "Schmidt, Charles M." <cmschmidt@mitre.org>
Cc: The IESG <iesg@ietf.org>, "draft-ietf-sacm-nea-swima-patnc@ietf.org" <draft-ietf-sacm-nea-swima-patnc@ietf.org>, "sacm@ietf.org" <sacm@ietf.org>, "sacm-chairs@ietf.org" <sacm-chairs@ietf.org>, "odonoghue@isoc.org" <odonoghue@isoc.org>
Content-Type: multipart/alternative; boundary="f403043a8c7439ae8c0565a6039d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/NHQ4VzpIiJo2buazQhNb2VHgJkc>
Subject: Re: [sacm] Eric Rescorla's No Objection on draft-ietf-sacm-nea-swima-patnc-02: (with COMMENT)
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Feb 2018 14:56:40 -0000
On Tue, Feb 20, 2018 at 6:21 AM, Schmidt, Charles M. <cmschmidt@mitre.org> wrote: > Hello Eric, > > Thank you very much for the comments. I have only two follow-up questions: > > > An EID is a 4-byte unsigned integer that the SWIMA-PC assigns > > sequentially to each observed event (whether detected in real-time or > > What byte order? > > Section 5.3 (Message Diagram Syntax) states that "Multi-octet fields > representing numeric values MUST be sent in network (big-endian) byte > order." I have tweaked this to simply say "All fields representing numeric > values MUST be sent in network (big-endian) byte order". Is this sufficient > or do feel that this should be reiterated in the individual field > descriptions? (I did go through and make sure that every integer is > explicitly "unsigned", per your other comment.) > > Yeah, I make notes as I go and then left this one because I think that might be confusing as people read in order. I'm not sure what the best approach is, TBH. Maybe say it up front too? > event records MUST only contain events with EIDs that all come from > > the current Epoch. > > How does the SWIMA-PC garbage collect? It seems like the answer is it can > > just change epochs? > > You are correct. The second paragraph of section 3.7.1 (Event Identifiers) > states that "In the case where a SWIMA-PC needs to reset its EID counter, > either because it has exhausted all available EID values or because the > SWIMA-PC's event log becomes corrupted, then a new EID Epoch MUST be > selected." Apart from that passing mention, I don't believe the document > makes any comment. Do you feel additional emphasis on this topic is > necessary? > It confused me a bit. Perhaps you might say "or has exhausted the space allowed for event storage" > > Finally, an aesthetic check on repeated fields. I have attempted the > following: > -------------- > 1 2 3 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Flags | Event Count | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Request ID Copy / Subscription ID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | EID Epoch | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Last EID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Last Consulted EID | > ================================================================= > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | EID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Record Identifier | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Data Model Type PEN |Data Model Type| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Source Id Num | Action | Software Identifier Length | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Software Identifier (variable length) | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Software Locator Length |Software Locator (variable len)| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Figure 8: Software Identifier Events Attribute > > Everything after the line of double bars (======) is repeated a > number of times equal to Event Count. > ------------- > > Do you feel that this clarifies the repeated fields in the diagram? The > alternative would be to do something like: > > 1 2 3 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Flags | Event Count | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Request ID Copy / Subscription ID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | EID Epoch | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Last EID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Last Consulted EID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | | > | SUB-BLOCK (Event Count times) | > | | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Figure n: Main message > > 1 2 3 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | EID | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Timestamp | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Record Identifier | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Data Model Type PEN |Data Model Type| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Source Id Num | Action | Software Identifier Length | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Software Identifier (variable length) | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | Software Locator Length |Software Locator (variable len)| > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > Figure M: Sub-block > > I'm interested in your thoughts as to which of these better clarifies the > nature of the repeated fields. > I think the second is better, but as you say it's aesthetic. FWIW, I usually do these big blockaf (e.g., timestamp) s by eliding the horizontal bars rather than the vertical ones, but again, it's taste. Best, -Ekr > > Thanks again for your help. > > Charles > > > -----Original Message----- > > From: Eric Rescorla [mailto:ekr@rtfm.com] > > Sent: Monday, February 19, 2018 10:55 AM > > To: The IESG <iesg@ietf.org> > > Cc: draft-ietf-sacm-nea-swima-patnc@ietf.org; sacm@ietf.org; Karen > > O'Donoghue <odonoghue@isoc.org>; sacm-chairs@ietf.org; > > odonoghue@isoc.org; sacm@ietf.org > > Subject: Eric Rescorla's No Objection on draft-ietf-sacm-nea-swima- > patnc-02: > > (with COMMENT) > > > > Eric Rescorla has entered the following ballot position for > > draft-ietf-sacm-nea-swima-patnc-02: No Objection > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > More detail in context at: https://mozphab- > > ietf.devsvcdev.mozaws.net/D3336 > > > > IMPORTANT > > I consider the following comment important, though I have chosen to make > > it a comment rather than a discuss. > > > > Software records on an endpoint are generally not considered to be > > sensitive, although there can be exceptions to this generalization as > > noted in the section on Privacy Considerations. In general, an > > > > I'm not sure where "generally" comes from. I consider it > > sensitive and we know that people have been jailed for running certain > > software. Even the rest of this section provides strong evidence that > > this is sensitive. So I think you should remove this claim and rewrite > > this paragraph to acknowledge that this is sensitive information > > > > MINOR > > The primary use of exchanging software inventory information over the > > PA-TNC interface is to enable a challenger (e.g. NEA Server) to > > obtain inventory evidence about some system in a way that conforms to > > Nit: e.g., > > > > endpoint is providing false information, either through malice or > > error, but instead focuses on correctly and reliably providing the > > reported Software Inventory Evidence Collection to the NEA Server. > > This seems like a pretty significant narrowing of the use cases. Can you > > explain what use cases this is useful for if the machine can lie? > > > > A Record Identifier is a 4-byte integer generated by the SWIMA-PC > > that is uniquely associated with a specific record within the > > In what byte order? Signed or unsigned? If it's actually an integer this > is > > important. > > > > that SWIMA-PV), the SWIMA-PC MUST assign that source a Source > > Identification Number, which is an 8-bit unsigned integer. Each item > > reported includes the Source Identification Number that provided that > > What happens if you have 256 sources? Must these be sequential? > > > > record that is no longer available, the SWIMA-PC SHOULD return a > > 0-length record. > > Is this different from what happens if you are requested to send > something > > that > > never existed? If so, is this a recipe for unlimited growth. > > > > An EID is a 4-byte unsigned integer that the SWIMA-PC assigns > > sequentially to each observed event (whether detected in real-time or > > What byte order? > > > > very first recorded event in a SWIMA-PC's records within an EID Epoch > > MUST be assigned a value of 1 or greater. Note that EID and EID > > Epoch values are assigned by the SWIMA-PC without regard to whether > > Why "or greater" this is the only place you allow a gap. > > > > event records MUST only contain events with EIDs that all come from > > the current Epoch. > > How does the SWIMA-PC garbage collect? It seems like the answer is it can > > just > > change epochs? > > > > records. This ensures that every partial list of event records is > > always complete within its indicated range. > > Is the point here that the list must be consecutive? > > > > | | (8) | PA-TNC specification [RFC5792]. | > > +--------------+------------+---------------------------------------+ > > It's up to you, but isn't this table largely duplicative of S 5.2? > > > > | Software Identifier Length | Software Identifier (var len) | > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > OK, I think I see what's going on here: you can have an arbitrary number > of > > instances of this block. Maybe you should show more than one in the > > diagram > > with an indication that it's controlled by SWID Count? Or a .... or > something? > > This comment applies to the other PDUs in this document as well. > > > > | Timestamp | > > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > > | Timestamp | > > I would not put lines between these timestamp fields because they are > > actually > > one giant field > > > > > >
- [sacm] Eric Rescorla's No Objection on draft-ietf… Eric Rescorla
- Re: [sacm] Eric Rescorla's No Objection on draft-… Schmidt, Charles M.
- Re: [sacm] Eric Rescorla's No Objection on draft-… Eric Rescorla
- Re: [sacm] Eric Rescorla's No Objection on draft-… Schmidt, Charles M.