[sacm] Terminology: Baseline Data Model (WAS: Re: minor comments on draft-lin-sacm-nid-mp-security-baseline-03)

Adam Montville <adam.w.montville@gmail.com> Fri, 27 July 2018 12:08 UTC

From: Adam Montville <adam.w.montville@gmail.com>
In-Reply-To: <c197c527-c890-af84-63ab-f992d3c561e2@sit.fraunhofer.de>
Date: Fri, 27 Jul 2018 07:08:42 -0500
Cc: "Xialiang (Frank, Network Integration Technology Research Dept)" <frank.xialiang@huawei.com>, Benjamin Kaduk <kaduk@mit.edu>, Sherif Mansour <cherifmansour@gmail.com>, "Linqiushi (Jessica, CSPL)" <linqiushi@huawei.com>, Jarrett Lu <jarrett.lu@oracle.com>, "sacm@ietf.org" <sacm@ietf.org>
Message-Id: <CD2A7462-4A29-47CF-8BAC-E61B6CA6B408@gmail.com>
To: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/TMmo-3yPXX--eYYwtHBbiYSqNcE>

Splitting out another thread....


> On Jul 26, 2018, at 4:05 AM, Henk Birkholz <henk.birkholz@sit.fraunhofer.de> wrote:
> 
> <snip>
> 
> * terminology (as always) is difficult: "baseline data model" wrt to "security" could imply the existence of guidance how to derive the nominal values and BP (aka a framework that helps the reader to make use of the data model). That is not the case, right?

You'll have to define BP for me. Baseline Profile? British Petroleum? I'm just not so astute this morning.

I'm not sure that the term necessarily implies the existence of nominal value guidance. To me, the baseline data model, in the SACM context, is simply an enumeration of the security-relevant attributes for the subject technology. Ideally, the nominal value guidance, and a way to get at the framework you mention, would exist, but I don't think the existence of one implies the existence of the other. In fact, I think decoupling these is better than not.

Perhaps I'm misunderstanding what you're driving at, Henk?

Kind regards,

Adam