Re: [sacm] SACM Architecture Draft

"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Tue, 19 February 2019 15:28 UTC

Return-Path: <david.waltermire@nist.gov>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E11AC130E6A for <sacm@ietfa.amsl.com>; Tue, 19 Feb 2019 07:28:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.011
X-Spam-Level:
X-Spam-Status: No, score=-0.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nist.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KGwEb410MoQ0 for <sacm@ietfa.amsl.com>; Tue, 19 Feb 2019 07:28:45 -0800 (PST)
Received: from GCC01-DM2-obe.outbound.protection.outlook.com (mail-eopbgr840095.outbound.protection.outlook.com [40.107.84.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF61A130E0A for <sacm@ietf.org>; Tue, 19 Feb 2019 07:28:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DGG6rE1XC4332eUS2KWlug5ckeMppvaf0Xuh9dWKRGU=; b=ncMf7FtJLsgJ50xdw8bmYOGR1Ypr19feJ9/zEJgjkug/sqqZ4/3ONreTDJRe0xlO2oojPFKeBThl9g9RNGPP1isgpTKvip3tYimGx61nhKUKKymXKy3T4AbX3QUMqhEBtueuTNb1fWlZ9jeE7OwpLYNtA1EBxa2LmPLMSgyTS0s=
Received: from SN6PR09MB3264.namprd09.prod.outlook.com (20.177.251.21) by SN6PR09MB3261.namprd09.prod.outlook.com (20.177.251.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1622.19; Tue, 19 Feb 2019 15:28:42 +0000
Received: from SN6PR09MB3264.namprd09.prod.outlook.com ([fe80::4482:2a28:1905:faa7]) by SN6PR09MB3264.namprd09.prod.outlook.com ([fe80::4482:2a28:1905:faa7%2]) with mapi id 15.20.1622.018; Tue, 19 Feb 2019 15:28:42 +0000
From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: Bill Munyan <bill.munyan.ietf@gmail.com>, Sherif Mansour <cherifmansour@gmail.com>
CC: Jarrett Lu <jarrett.lu@oracle.com>, Adam Montville <adam.w.montville@gmail.com>, "<sacm@ietf.org>" <sacm@ietf.org>
Thread-Topic: [sacm] SACM Architecture Draft
Thread-Index: AQHUnitVjE4Agv1/RkSRtSBOru0kSqXgXuGAgACyLQCABSx9gIABTByAgAABayA=
Date: Tue, 19 Feb 2019 15:28:42 +0000
Message-ID: <SN6PR09MB32649BCF672B3D9E449A3699F07C0@SN6PR09MB3264.namprd09.prod.outlook.com>
References: <0AE1CB07-A9CF-4821-9F1B-4FCCF53C4AA3@gmail.com> <9e8f4cb9-d893-66cd-2900-183a6b0cc9e5@oracle.com> <332612F4-C281-42CE-85DD-5A2D862293F9@gmail.com> <CAOxmg6sGHR8e0wf0wGXEutNcPFY7sCzCw2H8oXScaP5Yurnm=g@mail.gmail.com> <CAKUOEQy78a3kGiYScBeJWLxN2Nuz8c5xNeGy=6262pVmGAwnmA@mail.gmail.com>
In-Reply-To: <CAKUOEQy78a3kGiYScBeJWLxN2Nuz8c5xNeGy=6262pVmGAwnmA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=david.waltermire@nist.gov;
x-originating-ip: [129.6.224.58]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 23a1def2-1ce4-48dd-0f74-08d6967eee23
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600110)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(49563074)(7193020); SRVR:SN6PR09MB3261;
x-ms-traffictypediagnostic: SN6PR09MB3261:
x-ms-exchange-purlcount: 3
x-microsoft-exchange-diagnostics: =?utf-8?B?MTtTTjZQUjA5TUIzMjYxOzIzOkd4UUFvRnNhVzZWRlBBNGVGOWxob3lhVCsx?= =?utf-8?B?R1g3dHFoNVJIMndnTDB2Y0p6OS9ta0twclF2VFBJbldnYjlTejk0OSs0S0Jh?= =?utf-8?B?K3NkVWFjTnNNQVgzbHl2UXpMak5Ga0o4NTRhSXNmRE1JVm5lek1FaDhhRVZL?= =?utf-8?B?WDZrbk4xaWt1VjltNjJFb3BacDM3TUUxOTJzaHgzQjEva1MveHJOeHZxV1B5?= =?utf-8?B?MEo1L1lQaXJybVh0cC8rNkZUMldEWmRpeGRhSkxpc3EwNnNQUWFkUEhhWGMw?= =?utf-8?B?am1VMnhJOVZMUUZUc3RTZ0J6eEc5ZkpEeGwzNE8xdzl4OEZBN2tkdGFua2ZK?= =?utf-8?B?WUdxcllZdFZEOEhRcCttU1l5YVhwR3ZvSExyN2c1WlR4cTFoeDFuclI0Z2Za?= =?utf-8?B?dk1uanBhMXVNWXY0ckpyc29lbURqV2ZsYkdZKzZVUSswUzNXa2ErMDlmZ3hS?= =?utf-8?B?UGVPamRVR28xSVFxNWEwUzh5VDFpRUc2d0M1TTk2QW8zWThMcHc2RktBTFVV?= =?utf-8?B?bHRtRVJxc3N5NmFRMWhKTFlneGlHN2d3UFY4YnR2alpuY2pFZmhWdmIxcTd0?= =?utf-8?B?cHhkMHhHaHkwOXJhOGZDbDZoWUdseVc0T2dDcHFmOWJuQ3FrelpWVmNDNkJG?= =?utf-8?B?T3VIRFMzRldwU3ZNNmJ2bGlxeXRhMFZicGFVVFhPYzlQK0RLS3FvUlduMms4?= =?utf-8?B?aWE5MGtxL3NHQWRlSlJsSUNJak9kd1Y4NTIzTnF5WkZFa2JzS0hjTmpkdjk1?= =?utf-8?B?OXZ4T3RCOHo5akJQcFkxYkVFZ0RHdklGT0xWNXdHSGtuTVNhZEdXM1pwQkhY?= =?utf-8?B?Nzd1ckM3MWY2MVlIVkR0VlFRTkhJaEdCNWh4eG1iU1Y5OEZUdmhrUEd3bWZB?= =?utf-8?B?Q0xCNmxaUTNiWDcxUWtqa0tmQmdXM0NyQmJYbHErK1doWnpwN1VHbUJ4NHdm?= =?utf-8?B?RXRJY3hFMDdVSUNHY2h2WSt5akE2RFk3QmhRc3BCVVNPdHB5bDIxQzJGajN3?= =?utf-8?B?bC91NERNNXBKcmp1L202eEhqUDIxckVaUjE3dmYzU1lWZWNYTzNNMm9jem1J?= =?utf-8?B?OGlmSDd3RU1aeFZ1MW5UeUM1OFlmS3ZTUGM5QnRQT0JnUHFuMHNJZGZzZ0gr?= =?utf-8?B?cng0bWxxQ296TXZtUytRMlFpU05pVjJRaUVrWVlORmRKRnV6d0VzTmtiN2FE?= =?utf-8?B?ZnlZcjJYb1I4YzFsWDBGc2VQSTVWVWVUYUViUXRnQndsV3laZkozMUgrcWVV?= =?utf-8?B?UU1vUmREQTRxRElGajVGb3Q0WE1oZ2FnZjNlV2g3YkZtdGJ4UHAzZGxoM24w?= =?utf-8?B?NXgrM1ArMmRybldQREZiVTR3ZWZtZTdndURNZmt0ei9aSGw0bTNlUjVvRW8w?= =?utf-8?B?NHJkNSt4ZTcraGM4TGxqSWJ6R01ZcFZFMkRSOGoyajQ5U21TUllncEFmZmdX?= =?utf-8?B?U2JiWm5YaDZLWitqZzR0SzNlVlNuWExtellyNHB3dDRiWjBjMW5NMURDTkVE?= =?utf-8?B?WE4waktJb1BxYytxVy9pQnBqaDRtMzN1c3lrUzB5QmloTmJzNFFUUjNPcjBG?= =?utf-8?B?WFRCa0p6cERoZEhyaEIyOGxzVUtreWdaTkpoWVhDSGJjYlNKL29oY0EyOTlM?= =?utf-8?B?RmdPNXZ5RWhuNVlDeFNTZnhueVRhWitudk9xZW4wVk8wTFc4RVJNeEx0N0ts?= =?utf-8?B?cTNqU011cDlRc0RhYlJhZktuMDNORk4vWmp1VTIvQmlBQ1BTV0wyaUg5VkxL?= =?utf-8?B?cjcrNzExVDhxajByMnhNMWF5bkViSitKZnNxSUFObHJ2dWxlaXFoNUkyRnY2?= =?utf-8?B?Zm4vN3FqU0w3MUNVVTBxMjZKQ2hGZUZXOFBiSllUdE02QkwzRm1oalljWTFu?= =?utf-8?B?dGlGcW1jRjJDU2lWTmJrWHhuNHIrKzJheGU0LzMzaGUzVnk4UklZeUQwLzBy?= =?utf-8?Q?FxHG0ifwYsVFTlmeVBkjDEtsS7fP0E=3D?=
x-microsoft-antispam-prvs: <SN6PR09MB3261C872CA89B37E4DE06A3EF07C0@SN6PR09MB3261.namprd09.prod.outlook.com>
x-forefront-prvs: 09538D3531
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(136003)(396003)(346002)(39860400002)(376002)(53754006)(189003)(199004)(8676002)(110136005)(7736002)(733005)(105586002)(81156014)(14444005)(4326008)(256004)(54556002)(54896002)(8936002)(6306002)(55016002)(7696005)(81166006)(97736004)(53936002)(316002)(966005)(3846002)(74316002)(478600001)(54906003)(25786009)(236005)(9686003)(6436002)(93886005)(2906002)(6506007)(102836004)(476003)(229853002)(53546011)(6116002)(66066001)(76176011)(446003)(790700001)(30864003)(11346002)(486006)(71190400001)(71200400001)(6246003)(68736007)(99286004)(33656002)(106356001)(99936001)(606006)(26005)(86362001)(14454004)(186003)(5660300002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR09MB3261; H:SN6PR09MB3264.namprd09.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: uZGNMKmObR9xwegqdT20E1aa3StUVZRw65lHpOILDOhi53UpEUQ4XL4cFd9zijJkCmizAXqU/1JNm8uiroCkG2GT+DQw8D2Z371HRp6915jECncXTL5TVt6BfYJFXpOiGetYbCF9xH1M0trWKPglBVNcNQGJhQiXt3/zQaoQwBrI4w6Z1yhu+3iuhqU1xcqxOKsgxf0r4YY7ZHbhtpH9sqWkYakA5OOFZUe3BGDKOUwTu7DHiSPN5oRvmlt2ulu/n6kLGeNTX9AvSf49/tMdQxTEojgWb91if7L24LaQM+26FApwRbCykZPbsiYyCGvVESsIugIu92IqAeKKWI/MBAhlziTcVCOxAZaNmBhLLxB2sdBIZPKePztrrLFon/GqgtVY/A0EuMzoAKJ/lw7A63brLrEpOwjUwqrF/Hxv+nc=
Content-Type: multipart/related; boundary="_005_SN6PR09MB32649BCF672B3D9E449A3699F07C0SN6PR09MB3264namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: 23a1def2-1ce4-48dd-0f74-08d6967eee23
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Feb 2019 15:28:42.3563 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR09MB3261
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/h-BLqE4UnI1qCTwsDx9pTfEexFA>
Subject: Re: [sacm] SACM Architecture Draft
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Feb 2019 15:28:50 -0000

Organizations will need to interact with repositories operated by other organizations (e.g., the National Vulnerability Database, CVE project, etc.) as well as local repositories that host historic information. In some cases, clients might not know what to specifically query, but may instead need to browse through hosted data to find what information they are interested in. A request/response communication pattern is ideal for this type of interaction.

A message bus is ideal for exchanging up-to-date information or for notifying participating clients when new information is available from a service. It might be best to allow for both types of solutions in the SACM architecture. There are numerous ways to provide for a common authentication model without performing all authentication/communications through a message bus.

Where I see value in a message bus is for discovery of services, for notifications of new data being available in a service, and to flow new data through the system. I don’t think it is practical to force all components to communicate only through the message bus.

Here is a potential flow with a hybrid of both types of communications.

1) Client authenticates to the message bus and subscribes to notifications of new configuration checklist data.
2) A ROLIE server syndicates new checklist data from the NVD, from the national checklist program repository using the ROLIE protocol.
3) The ROLIE server notifies all clients that this data is available over the message bus.
4) A collection client queries the ROLIE server to retrieve new checklist data, and to find relevant historic checklist data it needs to collect for. It may also request SWID tags, OVAL definitions, and other supporting information from local or remote services to determine what to collect.
5) Collection in performed, perhaps on an ongoing basis, and collected data can then be published over the message bus and also stored to directly associated storage locations (e.g., CMDBs).

A message bus only solution would complicate the communication in #4 above, and would not account for remote communications in #2 and #4 at all. In all cases above, communication can occur using standardized interfaces. Some use a message bus, others use interfaces provided by other protocols like ROLIE. This also allows for a cooperative ecosystem, and doesn’t diminish from vendors providing solutions that can plug in.

Regards,
Dave

From: sacm <sacm-bounces@ietf.org>; On Behalf Of Bill Munyan
Sent: Tuesday, February 19, 2019 9:54 AM
To: Sherif Mansour <cherifmansour@gmail.com>;
Cc: Jarrett Lu <jarrett.lu@oracle.com>;; Adam Montville <adam.w.montville@gmail.com>;; <sacm@ietf.org>; <sacm@ietf.org>;
Subject: Re: [sacm] SACM Architecture Draft

Sherif,

Thanks for reading the draft and providing feedback!  We really appreciate it...  I have some comments/questions in-line:

> Should the downstream users pull their data from the repo (an authoritative data source) instead of the message bus?
> That way, there is a consistent view of that the current state of an end-point security posture and analysis can be built on top if it. I would not think it can be > done directly from the message bus. I also would think the information from the repo would be bi directional?

[Bill M]:
The idea behind the message transfer system is to help define the interfaces between components..  The intent here is really to help create a "cooperative ecosystem", enabling vendors to plug in components where they fit in the architecture, develop custom components where necessary, etc.

Whether the "message transfer system" exists over a message bus, integration pattern, REST interface, or other, the downstream functions would have access to the repository (or repositories) over some sort of "query" interface.  In the case of XMPP being used as the message transfer system, that interface could be a request using a custom IQ stanza with query information, and a response with the requested information.  In a solution which consolidates a results repository with reporting, there may just be a simple web application to visualize the data.

I agree the information in the repository is bi-directional, and the diagram is intended to reflect that.

> Equally had some question on the data ingest (message bus) I assume there is an Access model as not everything on the message bus is to be accessible by > everyone, is that taken into consideration?

[Bill M]:
I would also agree there would be an access model necessary, but that can be solution-specific.  Again using the XMPP-based solution, that access model could be maintained through the orchestrator's roster, roster groups, various pub-sub nodes, etc.  Is there a particular access model you had in mind when asking this question?  Any solution-based ideas on this certainly help me personally in visualizing all the concepts.

> Should the Orchstrator have a direct connection to the Repo, there are cases where the orchestrator needs reference data in order to tell the posture > managers what to do and not just react to them. Additionally there are cases where what the posture manager finds from the collectors will be different than > what is on file in inventory and the discrepancy.

[Bill M]:
In the first diagram, the orchestrator would have a connection to the repo via the message transfer system.  This is a great question that will help us discover more about the interfaces we need to describe further in the document.  That "query" interface from the orchestrator can assist in getting the necessary reference data before sending collection requests off to the various collectors in the ecosystem.

Hope that helps!  Glad to keep the conversation going as well, so thank you again for your review and feedback.

Cheers,
Bill M.


On Mon, Feb 18, 2019 at 2:06 PM Sherif Mansour <cherifmansour@gmail.com<mailto:cherifmansour@gmail.com>> wrote:
Hey Everyone,
Sorry for popping in so infrequently. I have taken a brief look at the architecture, and I have some feedback:
Should the downstream users pull their data from the repo (an authoritative data source) instead of the message bus?
That way, there is a consistent view of that the current state of an end-point security posture and analysis can be built on top if it. I would not think it can be done directly from the message bus. I also would think the information from the repo would be bi directional?
Equally had some question on the data ingest (message bus) I assume there is an Access model as not everything on the message bus is to be accessible by everyone, is that taken into consideration?
[image..png]
Should the Orchstrator have a direct connection to the Repo, there are cases where the orchestrator needs reference data in order to tell the posture managers what to do and not just react to them. Additionally there are cases where what the posture manager finds from the collectors will be different than what is on file in inventory and the discrepancy.
[image.png]

On Fri, Feb 15, 2019 at 12:05 PM Adam Montville <adam.w.montville@gmail.com<mailto:adam.w.montville@gmail.com>> wrote:
Hi Jarret,

Thank you for reading through the draft. Happy to talk about some of these things today during the interim. I think we would prefer that interfaces/capabilities are first described abstractly — irrespective of any specific messaging solution — and then use XMPP-Grid+ as an implementation example.

Kind regards,

Adam


On Feb 14, 2019, at 7:27 PM, Jarrett Lu <jarrett.lu@oracle.com<mailto:jarrett.lu@oracle.com>> wrote:


Hi Adam & SACM,

I read the (active) architecture draft, and I believe it's a good one. The hackathon work reflected in the draft definitely carries some weight.

Some architecture entities could be expanded and described at a more abstract level. For example, this draft appears to equate "capabilities" with set of interfaces. Are SACM capabilities supposed to be discoverable? If so, how should it be represented? If capabilities/functional interfaces are described in more general terms, and use XMPP-grid+ as an example of how it meets the functional requirements, this may make it appear less solution-centric.

I vote for including workflows in the architecture document. It just reads better that way. It will increase the document size and takes longer to finish. As long as good progress is being made, is it really urgent to finish and publisher the architecture document.

I think the Security Consideration section of the old architecture draft is pretty good. Do XMPP-grid XEPs adress the MitM, transport integrity and confidentiality concerns mentioned there?

Regards.

- Jarrett

On 12/27/18 01:29 PM, Adam Montville wrote:
Dear SACM,

Happy (belated) Holidays and a Happy New Year to you!

At our recent virtual interim meeting I promised to post a note to the list regarding our architecture draft to do three things:

  1.  Request review
  2.  Indicate whether we (the authors) believe it's on the right track
  3.  Assuming 2 is good, a list of what's left to be done.
So, we're going to start with 2, move on to 3, and then end with 1...

Bill and I both believe that the architecture draft is, indeed, on the right track. Henk, and possibly others (Nancy?), have described this draft as being too solutions-specific. Section 3, "Architectural Overview" is intended to be the place in this draft to describe the abstract ideas in the architecture. Section 3.1 talks a little bit about the roles of the SACM Components, and Section 3.2 provides the known information about an XMPP-based instantiation of the architecture (note Appendix A maps this instantiation back to our SACM requirements, RFC8248).

Assuming that we are on the right track, then here's what we think yet needs to be done:


  *   Document specific Components, Capabilities, Interfaces, and Workflows

     *   IT Asset Management could probably stand to be fleshed out
     *   Vulnerability Management is reasonable documented in this draft, but may need work
     *   Configuration management probably needs to be fleshed out as well (needs to be tied to SACM Use Cases)

  *   Determine where to document the above (in this draft or in new drafts), which will determine how long this draft takes to complete.
  *   Prague hackathon to continue the trend of discovering an XMPP-based solution
  *   TODOs in the draft

     *   Privacy Considerations
     *   Security Considerations

  *   Flesh out our IANA Considerations

     *   Will likely result in additional draft work


Clearly, there's a lot to be done here, and we really need your specific, actionable feedback on this draft. Feel free to reach out here or to either of us directly.

This draft in GitHub: https://github.com/sacmwg/draft-ietf-sacm-arch

This draft on the SACM documents page: https://datatracker.ietf.org/doc/draft-ietf-sacm-arch/<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-sacm-arch%2F&data=02%7C01%7Cdavid.waltermire%40nist.gov%7Ccefa6df9e0a9432bedc908d6967a3e1d%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636861849106737807&sdata=mgt4EPWcuBsLx3DR1sx01TbCEUlt6F37FpqKroSJNjI%3D&reserved=0>


Kind regards,

Adam & Bill


_______________________________________________

sacm mailing list

sacm@ietf..org<mailto:sacm@ietf.org>

https://www.ietf.org/mailman/listinfo/sacm<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsacm&data=02%7C01%7Cdavid.waltermire%40nist.gov%7Ccefa6df9e0a9432bedc908d6967a3e1d%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636861849106747816&sdata=YVjK0x2u12K9Ds3GWE4ekxjJrQsGu7CxVlEXHyLduik%3D&reserved=0>

_______________________________________________
sacm mailing list
sacm@ietf.org<mailto:sacm@ietf.org>
https://www.ietf.org/mailman/listinfo/sacm<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsacm&data=02%7C01%7Cdavid.waltermire%40nist.gov%7Ccefa6df9e0a9432bedc908d6967a3e1d%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636861849106757821&sdata=g%2Bt4sWCXGlkpiUnrQcAUFZir6pSmRODJgcOSYI%2FWrZs%3D&reserved=0>

_______________________________________________
sacm mailing list
sacm@ietf.org<mailto:sacm@ietf.org>
https://www.ietf.org/mailman/listinfo/sacm<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsacm&data=02%7C01%7Cdavid.waltermire%40nist.gov%7Ccefa6df9e0a9432bedc908d6967a3e1d%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636861849106757821&sdata=g%2Bt4sWCXGlkpiUnrQcAUFZir6pSmRODJgcOSYI%2FWrZs%3D&reserved=0>
_______________________________________________
sacm mailing list
sacm@ietf.org<mailto:sacm@ietf.org>
https://www.ietf.org/mailman/listinfo/sacm<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsacm&data=02%7C01%7Cdavid.waltermire%40nist.gov%7Ccefa6df9e0a9432bedc908d6967a3e1d%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C636861849106767830&sdata=RDvylTUYEQKBFEyoecw35wfzIIBRGG7K4YxJ5250Lw8%3D&reserved=0>