Re: [sacm] SACM IETF 84 Presentation

[Stephen Hanna <shanna@juniper.net>]

Kent,

Feel free to add IF-MAP to the slides if you want.

I see what you mean about the Use Case I-D. But if we decide to include work item for "an overview of security automation and continuous monitoring", I think that should span all these use cases. Otherwise, we'll end up with an architecture that only covers a tiny part of the security automation space. There's a desperate need for someone to provide a blueprint that shows how MILE, NEA, SACM, and other future work all fits together. I hope that SACM can provide that. We can even point out gaps that other groups can work on filling in.

Thanks,

Steve

From: Kent_Landfield@mcafee.com [mailto:Kent_Landfield@mcafee.com]
Sent: Wednesday, August 01, 2012 10:12 PM
To: Stephen Hanna; sacm@ietf.org
Cc: scap-dev@nist.gov
Subject: Re: SACM IETF 84 Presentation

Steve,

You are definitely on a roll. ;-)  That's why we asked if there were other specifications / efforts that should be included IN the slides... ;-)  The intent is to indicate what related documentation existed that we may be able to consider for I-D development input. Just because it is listed does not mean it will be. The slides are for informational purposes only.  The intent is to help frame the discussion around the working group charter while informing all as to the status of the documents from an IPR perspective.  Additionally the slides were focused on specifications that are not already I-Ds or RFCs.  I would like to include IF-MAP as well as I feel it is appropriate to the SACM efforts and goals.

I see the Use Case I-D as being a broader document than just what SACM is considering doing.  I see that as a more of an overarching document that pulls many of the related efforts in while also describing SACM uses.

Thanks for all your great feedback and help today!

Kent Landfield

McAfee | An Intel Company
Direct: +1.972.963.7096
Mobile: +1.817.637.8026
Web: www.mcafee.com<http://www.mcafee.com/>

From: Stephen Hanna <shanna@juniper.net<mailto:shanna@juniper.net>>
Date: Wednesday, August 1, 2012 6:32 PM
To: Kent Landfield <Kent_Landfield@McAfee.com<mailto:Kent_Landfield@McAfee.com>>, "sacm@ietf.org<mailto:sacm@ietf.org>" <sacm@ietf.org<mailto:sacm@ietf.org>>
Cc: "scap-dev@nist.gov<mailto:scap-dev@nist.gov>" <scap-dev@nist.gov<mailto:scap-dev@nist.gov>>
Subject: RE: SACM IETF 84 Presentation

You didn't ask for feedback on the slides but I'm on a roll now... ;-)

The Use Cases document references a bunch of existing specs. Some are listed in the Internet Discussion slides but some are not. I guess you left out the RFCs (PA-TNC, PB-TNC, RADIUS, DIAMETER, etc.) because they're already set from an IETF perspective. Here are the ones that are not RFCs but are missing from the slides: PT-TLS (already an I-D in NEA, soon to be an RFC), PT-EAP (already an I-D in NEA, soon to be an RFC), draft-ietf-mile-sci (already an I-D in MILE), and IF-MAP (not an I-D yet, currently a TCG Specification owned by TCG but TCG has donated several specs to IETF before so we might hope they'd do so again).

I'll leave it to you to decide whether to add one or more of those specs to your slides.

Thanks,

Steve

From: sacm-bounces@ietf.org<mailto:sacm-bounces@ietf.org> [mailto:sacm-bounces@ietf.org] On Behalf Of Kent_Landfield@McAfee.com<mailto:Kent_Landfield@McAfee.com>
Sent: Wednesday, August 01, 2012 8:56 PM
To: sacm@ietf.org<mailto:sacm@ietf.org>
Cc: scap-dev@nist.gov<mailto:scap-dev@nist.gov>
Subject: [sacm] SACM IETF 84 Presentation

All,

Here are the slides  Dave and I will be using tomorrow during the SACM Side Meeting. We look forward to seeing / hearing you there.

Thanks.

Kent Landfield

McAfee | An Intel Company
Direct: +1.972.963.7096
Mobile: +1.817.637.8026
Web: www.mcafee.com<http://www.mcafee.com/>