Re: [sacm] Some comments about draft-ietf-sacm-ecp-02:

"Haynes Jr., Dan" <dhaynes@mitre.org> Tue, 28 August 2018 18:55 UTC

To: "Xialiang (Frank, Network Integration Technology Research Dept)" <frank.xialiang@huawei.com>, "draft-ietf-sacm-ecp.authors@ietf.org" <draft-ietf-sacm-ecp.authors@ietf.org>
CC: "sacm@ietf.org" <sacm@ietf.org>
Message-ID: <DM6PR09MB2714DD4F6AC160D4F4637DBEA50A0@DM6PR09MB2714.namprd09.prod.outlook.com>
References: <C02846B1344F344EB4FAA6FA7AF481F12C851426@dggemm511-mbs.china.huawei.com>
In-Reply-To: <C02846B1344F344EB4FAA6FA7AF481F12C851426@dggemm511-mbs.china.huawei.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/h4DU9TFF6LxEKmMySV-ftYD21GM>

Hi Jess,

Here's how I was planning to respond to Frank. Does this all seem reasonable to you as well?

Thanks,

Danny

---------------

Hi Frank,

Thanks for the feedback! Comments inline below.

From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of Xialiang (Frank, Network Integration Technology Research Dept)
Sent: Thursday, August 23, 2018 4:03 AM
To: draft-ietf-sacm-ecp.authors@ietf.org
Cc: sacm@ietf.org
Subject: [sacm] Some comments about draft-ietf-sacm-ecp-02:

Hi authors,
I have reviewed the latest draft, and think it's useful to specify the endpoint posture collection profile with a document in the SACM WG.

My personal feeling is that this draft is very comprehensive and general, but does not go into depth in terms of protocol, interface, data model...
So, it's a kind of design guidance / framework overview document, aiming to help specify more concrete ECP protocols/models. Is my understanding right?

[Danny]: Correct. Our intent is to have this document be a best practices document for how to use various data models, protocols, and interfaces for the on-going collection and assessment of endpoint information, as well as the ability to expose that information to other tools.

In addition, I have some specific comments on the current draft, as follows:

1. Is it going to be a Standards Track draft? Since I see you mentioned in the abstract that it mainly describes the best practices, maybe an Informational draft is more suitable?

[Danny]: I think I forgot to change that in the last draft, but we would like to see this draft published as a BCP since it discusses the best practices for using IETF and TCG standards for endpoint assessment.



2. What is the relation of the ECP with the SACM architecture? Is ECP one component of the larger SACM architecture, or is it using the SACM architecture, or part of it?

[Danny]: ECP intends to provide the best practices for part of the architecture. Specifically, around the collector (Posture Collection Engine), repository (Repository), evaluator (Evaluator), and orchestrator (Orchestrator) components. With that said, there are currently no protocols or interfaces defined for the repository, evaluator, and orchestrator components. So, at the moment, ECP only provides best practices for the collection of information from the endpoint and the communication of that information to the posture manager.


3. In Figure 1, can the Endpoint support the pub/sub interaction with the Orchestrator?

[Danny]: I don't believe so. I think the thought was that the Endpoint would interact with the Posture Manager (i.e., just collection) and the Orchestrator would be involved on the other side of the diagram.

Jess: It looks like this was discussed further at IETF 101, but it's not clear to me from the notes what the outcome was (https://datatracker.ietf.org/doc/minutes-101-sacm/). Do you recall what it was? I wasn't at IETF 101.

4. I think the term NETMOD is not suitable in this document, since NETMOD (WG) is mainly about the definition of various models. NETCONF is better for expressing the whole network device management protocol.

[Danny]: Addressed.
B.R.
Frank