Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt
"Baker, Jon" <bakerj@mitre.org> Mon, 29 July 2013 12:00 UTC
Return-Path: <bakerj@mitre.org>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 657AE21F9C05 for <sacm@ietfa.amsl.com>; Mon, 29 Jul 2013 05:00:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qSh8+Qz8YYG7 for <sacm@ietfa.amsl.com>; Mon, 29 Jul 2013 04:59:58 -0700 (PDT)
Received: from smtpksrv1.mitre.org (smtpksrv1.mitre.org [198.49.146.77]) by ietfa.amsl.com (Postfix) with ESMTP id A7CC421F9BA2 for <sacm@ietf.org>; Mon, 29 Jul 2013 04:59:57 -0700 (PDT)
Received: from smtpksrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 2AB3F1F0817; Mon, 29 Jul 2013 07:59:57 -0400 (EDT)
Received: from IMCCAS02.MITRE.ORG (imccas02.mitre.org [129.83.29.79]) by smtpksrv1.mitre.org (Postfix) with ESMTP id 16F1B1F0584; Mon, 29 Jul 2013 07:59:57 -0400 (EDT)
Received: from IMCMBX03.MITRE.ORG ([169.254.3.165]) by IMCCAS02.MITRE.ORG ([129.83.29.69]) with mapi id 14.02.0342.003; Mon, 29 Jul 2013 07:59:56 -0400
From: "Baker, Jon" <bakerj@mitre.org>
To: Sean Turner <turners@ieca.com>, Adam Montville <Adam.Montville@cisecurity.org>
Thread-Topic: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt
Thread-Index: AQHOielSwf7rGRl9UEGPCH4tOIlvY5l7kNrw
Date: Mon, 29 Jul 2013 11:59:55 +0000
Message-ID: <6C1C15D8B5510B4B8FF132B10D38651304D24C26@IMCMBX03.MITRE.ORG>
References: <20130711165015.29939.87432.idtracker@ietfa.amsl.com> <51DEE295.3050403@ieca.com> <05BCCEB107AF88469B9F99783D47C1D6737A4F@CISEXCHANGE1.msisac.org.local> <05BCCEB107AF88469B9F99783D47C1D6737A73@CISEXCHANGE1.msisac.org.local> <9904FB1B0159DA42B0B887B7FA8119CA12881D69@AZ-FFEXMB04.global.avaya.com> <51F24CA8.5060200@ieca.com>
In-Reply-To: <51F24CA8.5060200@ieca.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [129.83.31.51]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "Romascanu, Dan (Dan)" <dromasca@avaya.com>, "sacm@ietf.org" <sacm@ietf.org>
Subject: Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sacm>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jul 2013 12:00:05 -0000
Quick comment on the draft. I found the following text in the CPE section: " Another major issue with CPE is process by which one is obtained; an application needs to be submitted to NVD (National Vulnerability Database), which is run by the USG (United States Government). This simple fact likely renders CPE, as it is currently specified and operated, as unsatisfactory as the basis for sacm because there will be some non-US entity unwilling or unable to submit an application." CPE 2.3 allows for multiple CPE dictionaries to be maintained. NIST operates the Official CPE dictionary at this time, but we certainly envisioned vendors operating their own CPE dictionaries. For CPE, there are outstanding questions of how best to manage cpe names. To be clear, CPE should not be considered an Asset Identifier. It was not designed for that purpose. Thanks, Jon ============================================ Jonathan O. Baker G022 - IA Industry Collaboration The MITRE Corporation Email: bakerj@mitre.org >-----Original Message----- >From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf Of >Sean Turner >Sent: Friday, July 26, 2013 6:17 AM >To: Adam Montville >Cc: Romascanu, Dan (Dan); sacm@ietf.org >Subject: Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt > >Dan beat me to it. It's a tree structure that may or may not have >meaning at each "node". It depends on what we're looking for. > >spt > >On 7/26/13 9:25 AM, Romascanu, Dan (Dan) wrote: >> OIDs are basically a tree structure. One can design the tree so that OIDs >belonging to the same class are grouped under the same node. >> >> Would this be sufficient? >> >> Regards, >> >> Dan >> >> >> >> >>> -----Original Message----- >>> From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf >Of >>> Adam Montville >>> Sent: Thursday, July 25, 2013 8:37 PM >>> To: Sean Turner; sacm@ietf.org >>> Subject: Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers- >>> 00.txt >>> >>> I may have answered my own question actually digging into it. So, if >>> I'm understanding this right, it seems like we'd be seeing arcs that >>> would have OIDs that are named, which would have some node that acts >as >>> a class of the instances found below... Maybe I'm still wrong. More >>> digging. >>> >>>> -----Original Message----- >>>> From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf >>>> Of Adam Montville >>>> Sent: Thursday, July 25, 2013 10:04 AM >>>> To: Sean Turner; sacm@ietf.org >>>> Subject: Re: [sacm] Fwd: I-D Action: >>>> draft-handt-sacm-asset-identifiers- >>>> 00.txt >>>> >>>> Being the transcriber of NISTS Asset Identification standard to an I-D >>>> format (now expired), I have some questions about this proposal. >>>> First, however, I like the way this reads and flows and I enjoyed >>>> reading it, much like I enjoyed reading the alternate architecture >>> document. >>>> >>>> It seems that draft-handt-sacm-asset-identifiers-00 is squarely >>>> focused on instance-level identity, identification, and identifiers. >>>> I believe, that we have several levels of "identification" >>>> requirements. We do want instance-level identification, and I believe >>>> OIDs, as proposed, could be a good solution. I believe we also want >>>> class-level identification, for which we have been considering CPE. >>>> >>>> For example, I may have several OIDs, one for each of a Windows Server >>>> 2008 instance, RHEL 6 instance, Windows Server 2012 instance, and >>>> Solaris 9 instance. Now, I want to find all the assets in the >>>> "Windows" class, which would be the set of two OIDs representing the >>>> WS2008 and WS2012 instances. We could leave it up to implementers to >>>> provide this type of functionality, but would it not be useful to have >>>> some standardized way to represent that class? >>>> >>>> An honest question: How would this proposal handle class-level >>>> identification? Or, do we collectively believe there is no such need? >>>> >>>> Adam >>>> >>>>> -----Original Message----- >>>>> From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf >>>>> Of Sean Turner >>>>> Sent: Thursday, July 11, 2013 9:51 AM >>>>> To: sacm@ietf.org >>>>> Subject: [sacm] Fwd: I-D Action: >>>>> draft-handt-sacm-asset-identifiers-00.txt >>>>> >>>>> More food for thought. >>>>> >>>>> spt >>>>> >>>>> -------- Original Message -------- >>>>> Subject: I-D Action: draft-handt-sacm-asset-identifiers-00.txt >>>>> Date: Thu, 11 Jul 2013 09:50:15 -0700 >>>>> From: internet-drafts@ietf.org >>>>> Reply-To: internet-drafts@ietf.org >>>>> To: i-d-announce@ietf.org >>>>> >>>>> >>>>> A New Internet-Draft is available from the on-line Internet-Drafts >>>> directories. >>>>> >>>>> >>>>> Title : sacm: Asset Identifier >>>>> Author(s) : Russ Housley >>>>> Sean Turner >>>>> Filename : draft-handt-sacm-asset-identifiers-00.txt >>>>> Pages : 7 >>>>> Date : 2013-07-11 >>>>> >>>>> Abstract: >>>>> This document examines the asset identifiers available for sacm >>> and >>>>> it proposes that OIDs (Object Identifiers) be selected as the >>> asset >>>>> identifier format. >>>>> >>>>> >>>>> The IETF datatracker status page for this draft is: >>>>> https://datatracker.ietf.org/doc/draft-handt-sacm-asset-identifiers >>>>> >>>>> There's also a htmlized version available at: >>>>> http://tools.ietf.org/html/draft-handt-sacm-asset-identifiers-00 >>>>> >>>>> >>>>> Internet-Drafts are also available by anonymous FTP at: >>>>> ftp://ftp.ietf.org/internet-drafts/ >>>>> >>>>> _______________________________________________ >>>>> I-D-Announce mailing list >>>>> I-D-Announce@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/i-d-announce >>>>> Internet-Draft directories: http://www.ietf.org/shadow.html or >>>>> ftp://ftp.ietf.org/ietf/1shadow-sites.txt >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> sacm mailing list >>>>> sacm@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/sacm >>>>> >>>>> ... >>>> >>>> This message and attachments may contain confidential information. If >>>> it appears that this message was sent to you by mistake, any >>>> retention, dissemination, distribution or copying of this message and >>>> attachments is strictly prohibited. Please notify the sender >>>> immediately and permanently delete the message and any attachments. >>>> _______________________________________________ >>>> sacm mailing list >>>> sacm@ietf.org >>>> https://www.ietf.org/mailman/listinfo/sacm >>>> >>>> ... >>> >>> This message and attachments may contain confidential information. If >>> it appears that this message was sent to you by mistake, any retention, >>> dissemination, distribution or copying of this message and attachments >>> is strictly prohibited. Please notify the sender immediately and >>> permanently delete the message and any attachments. >>> _______________________________________________ >>> sacm mailing list >>> sacm@ietf.org >>> https://www.ietf.org/mailman/listinfo/sacm >> _______________________________________________ >> sacm mailing list >> sacm@ietf.org >> https://www.ietf.org/mailman/listinfo/sacm >> >_______________________________________________ >sacm mailing list >sacm@ietf.org >https://www.ietf.org/mailman/listinfo/sacm
- [sacm] Fwd: I-D Action: draft-handt-sacm-asset-id… Sean Turner
- Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asse… Adam Montville
- Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asse… Adam Montville
- Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asse… Gunnar Engelbach
- Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asse… Romascanu, Dan (Dan)
- Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asse… Sean Turner
- Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asse… Baker, Jon