[sacm] IETF 95 Agenda on SWID world

Tony Rutkowski <tony@yaanatech.com> Thu, 07 April 2016 12:01 UTC

To: Adam Montville <adam.w.montville@gmail.com>
From: Tony Rutkowski <tony@yaanatech.com>
Organization: Yaana Technologies
Message-ID: <57064BF9.4060805@yaanatech.com>
Date: Thu, 07 Apr 2016 08:00:57 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/sacm/r5WF2M_NGUxhrz_0gn5EJ04jRDg>
Cc: "<sacm@ietf.org>" <sacm@ietf.org>
Subject: [sacm] IETF 95 Agenda on SWID world

Hi Adam,

Interesting to see the presentations and
brainstorming on materials.  A few "inquiring
minds" questions.

For the Information Model Update presentation,
slide 9 portrays two SWIDS: "SWID XML Schema"
and "SWID CBOR Data Definition."  It's not clear
what the former represents, and the latter
presumably will eventually be revealed in
draft-birkholz-sacm-coswid-00.

The SWID CBOR effort usefully begins to head
slowly in the right direction of getting real, but it
refers to ISO/IEC 19770-2:2015 as the source
of SWID information structures, and combined
with ISO/IEC 19770-5:2013 also referenced, sets
one back $389 to take a peek at them.  Maybe that's
easy change for a government agency, but no one in
the real world is going to spend that amount to
take a peek at a specification.

The problem here is compounded because NISTIR
8060 is out on the street for comment, but it references
the 2009 version.  To make matters worse, the NISTIR
references the 2015 version as an extension schema,
but the URL to get the extension schema is broken.
http://csrc.nist.gov/ns/swid/2015-extensions/1.0

Not that this isn't elegant work, but it has the surreal
attributes that pervaded the OSI world 30 years ago
where the previous generation of some of the same
government agency actors inhabited standards
meetings - writing for years some of the best
specifications that no one ever used.

There are at least a dozen other industry SWID
standards efforts out there if there was an interest
in looking.  They have better properties for the
context, and some of those are used on a significant
scale.  But then again, it's kind of fun watching the
deja vu of OSI getting reinvented in the IETF!

--tony

ps. If the authors revise the SWID CBOR draft, finding
the details of X.1520 is easy.  In English, it is at:
<https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.1520-201401-I!!PDF-E&type=items>