Re: [sacm] Hackathon Goals and Stretch Goals
Jessica Fitzgerald-McKay <jmfmckay@gmail.com> Tue, 30 May 2017 14:43 UTC
Return-Path: <jmfmckay@gmail.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A6BB12954C for <sacm@ietfa.amsl.com>; Tue, 30 May 2017 07:43:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5hroaMfeyV3O for <sacm@ietfa.amsl.com>; Tue, 30 May 2017 07:43:29 -0700 (PDT)
Received: from mail-qt0-x231.google.com (mail-qt0-x231.google.com [IPv6:2607:f8b0:400d:c0d::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C8BB129408 for <sacm@ietf.org>; Tue, 30 May 2017 07:43:29 -0700 (PDT)
Received: by mail-qt0-x231.google.com with SMTP id v27so71672714qtg.2 for <sacm@ietf.org>; Tue, 30 May 2017 07:43:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=6eeVNtFfiASgw8VoooMttOxNh4v1VWuaLSbIwYHtBfo=; b=VOXHr5JtTV8urXAelH5Xtk3HNBccCWRmA0SD30dLUK0HMlHQ5PC4WptYloxPVTOSGW mHn+3owyQhfOzbg6y+ILcXUqmCG2KfHYa/QBkFfzFt1hk7AfXslNaRTZIMcpvByr2Cvc y+QSQj5Vj4KqEU0Q3t/lL5DfM0Hh/L9uTVDFnvJX16EkStwQw9soXQvxKEY1a5Ue8Dmb PwzkyBP5+gbFz4d9B3l1u3Zjw+2SUuxDebz5cS8MV0E06qytParR6kmP9X4ujphHyQCZ n7MYeF5Yh/0FnvJocgqYE5jnvAV3tR/dZP4hj3RotJILbY2Th6lsjLX0Nhxqf6+W7LYk 61Bw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=6eeVNtFfiASgw8VoooMttOxNh4v1VWuaLSbIwYHtBfo=; b=jjGdBXOH+bbE5LRd6vDFUmIb+zU8Zo1F91OFVl5a9fWewQiPAPva+lImkpqLFgHv0E EKLO4k8DGZVjbeQoBi/x2bCZHMs7sYUbnXLzNQcZTePxYkOe66UyHPpvv5xCNaFAfvS9 PX7W3EG6DMuxDG2dVPGTSFbg8IfC/kLOZtkUJpCYDbm38usrb5nnjzrOLYIrev8m4LN7 8WThmyP7K2cpp5BI/w7kr81HxzX1IAgHHmbbcZaSzd5I6D4knKb1D32eyxPr7JMmJVTW s9P/H4XLPiYuj7mB2B1iHh4qbl8KFi7/AXfe6hpkNPdWxf1GUNUZQoc/q7NTxvTnSrBL vinA==
X-Gm-Message-State: AODbwcCzemfQqMabaLrb7xX6J1ZtuYQDayDUQUA+wCXR4Cy+tMsGp9iA 4pplJamm83oyQgcBeC5a5BULGXMtcg==
X-Received: by 10.200.44.101 with SMTP id e34mr26032289qta.146.1496155408122; Tue, 30 May 2017 07:43:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.23.52 with HTTP; Tue, 30 May 2017 07:43:27 -0700 (PDT)
In-Reply-To: <CACknUNVf8PmXjS8sJLAPhdCbwke_2aki8PDwoz-i3APD+tg=Ow@mail.gmail.com>
References: <CACknUNUhqqdumk1wombsAha0TQS4O4dNpajUs2Ak4jWDWZHXaA@mail.gmail.com> <CACknUNUQ_sgw46GsU8LoOq1puEyo8DUnJ4599h0GE=+Nc2Hxow@mail.gmail.com> <MWHPR09MB1440A80762DE455376735978F0E10@MWHPR09MB1440.namprd09.prod.outlook.com> <CACknUNUA0YH5EXQrPJHMWqfp=PZcVc_FpeTR0T9SmRMsteSvhw@mail.gmail.com> <CAA=AuEf_7A4ObvoiGHHzhtzNTS2B3Wxiz+WcBjwc8dqh4z7h2g@mail.gmail.com> <DM5PR09MB1354402E944E81A585B279D1A5E60@DM5PR09MB1354.namprd09.prod.outlook.com> <90838fdd-07be-fdf8-300f-614425d360ec@sit.fraunhofer.de> <CACknUNU-kuGMi8Oass_JT+3CvpAgbm8PAb1_KDTwM6D2X1o-JQ@mail.gmail.com> <CAN40gStPGRW7P6m2m7QrO8awCuksjyQoga4QCD3BzFqa_GN26Q@mail.gmail.com> <DM5PR09MB1354F148919DE47F23F3F087A5F80@DM5PR09MB1354.namprd09.prod.outlook.com> <653be99c-7502-210d-ccd1-5dc5811b8cee@sit.fraunhofer.de> <1F8FBAC8-3566-448D-84DA-640AE0211E5E@cisco.com> <CACknUNVf8PmXjS8sJLAPhdCbwke_2aki8PDwoz-i3APD+tg=Ow@mail.gmail.com>
From: Jessica Fitzgerald-McKay <jmfmckay@gmail.com>
Date: Tue, 30 May 2017 10:43:27 -0400
Message-ID: <CAM+R6NX=zCE5p1dP2hAnTd0bCKGvo_Gzcub_VjaSi7rGvSzeTQ@mail.gmail.com>
To: Adam Montville <adam.w.montville@gmail.com>
Cc: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, "sacm@ietf.org" <sacm@ietf.org>
Content-Type: multipart/alternative; boundary="001a1145069ea1493a0550bed318"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/toebEt9PLfhvJhHjElkiukK8ZQM>
Subject: Re: [sacm] Hackathon Goals and Stretch Goals
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 May 2017 14:43:33 -0000
We've been collaborating with Andreas Steffens on a SWIMA collector that operates well with strongSwan's NEA implementation. We hope to bring both SWIMA and strongSwan to the Hackathon. On Thu, May 25, 2017 at 9:06 AM, Adam Montville <adam.w.montville@gmail.com> wrote: > I'm viewing the problem essentially in two parts. 1) we need to understand > the information we need between each component to inform the information > model, then 2) we will need to figure out how to best represent that > information. Solidifying the information model seems like the latter, which > cannot really be done without first understanding the former. To me, the > hackathon should be first focused on the former - learning more about the > information we really need - before it gets too far along. > > This is not to say that we will not be able to address both! Instead, I am > suggesting that we, in earnest, start focusing on the first part of this > problem, and then hopefully get to the second part of the problem. > > We have three distinct goals. We have a user story. Now we need a team to > come together and start working even before we get to Prague, so that we > can make some real progress. There is not very much time left... > > Bill and I are committed. I believe Dave and Stephen are committed. Henk, > I think, is committed also. Who else is interested in participating? And, > how do we want to start running this? We can set up a code repo in GitHub > so we have a place to track work items, issues, etc. Being committed to > the effort requires becoming and remaining engaged in an ongoing work > effort. > > Kind regards, > > Adam > > On Tue, May 23, 2017 at 12:02 PM Nancy Cam-Winget (ncamwing) < > ncamwing@cisco.com> wrote: > >> Hi all, >> >> Trying to catch up on the thread….I would agree with Ira and Henk’s >> comments/suggestion that we should be working towards a SACM goal. That >> is, SACM has been working on solidifying an IM and the IM elements which >> are a MUST to implement….that way we enable the interoperability across the >> heterogeneity of the information available. >> >> I think there are going to be modules (or “glue”) needed to enable the >> current DB’s/repositories and their interfaces to be able to expose their >> available data in an (SACM) interoperable flow. >> >> If Henk can provide this, then we can focus on the mappings to get the >> interop underway then…. >> >> Nancy >> >> On 5/22/17, 9:48 AM, "sacm on behalf of Henk Birkholz" < >> sacm-bounces@ietf.org on behalf of henk.birkholz@sit.fraunhofer.de> >> wrote: >> >> Hello all, >> >> I totally agree that the method employed in Collection Tasks should >> not >> use the inter-component mechanism/format of distributing SACM content >> with. >> >> E.g. if there is a SWID repository that is a database (there are open >> but not commonly or currently used examples for data base schemas in >> regard to the outdated 2009 version of SWID, as far as I know), of >> course an SQL query is used to collect them. In this example the >> acquisition method employed by a Collector is simply an SQL used by >> that >> data base. We SHOULD NOT build an alternative way to convey that >> information! >> >> Same goes for Attributes via IF-M to address Danny's example. >> >> Now, looking downstream, the information queried has to be composed >> into >> an actual tag. Most likely, a DB about tags will store the most >> important items to query tags in tables (e.g. tag_id, entity_id, >> package_name, version, etc.) and also the complete XML blob (if it >> fits >> into a DB value, they can be large if stored in native XML). This is >> the >> way that the only open source example that I actually personally know >> of >> does it, at least. >> >> If you finally have that tag (re-composed or queried en'blob) >> collected >> and it is about a vulnerable software package that is currently >> installed as software instances on target endpoints, how to convey >> that >> information to other downstream components is the interesting point >> here: Partial, or as a byte blob, or mapped to IE, at least in a way >> that is not surprising to any SACM component in general. >> >> If we do not use a common message encoding and msg structure (data >> model) here (may it even be so preliminary that we just learn to use >> sth >> else), how should interop with further components work? I was under >> the >> impression that is the point of the IM? >> >> If nobody has the time to do this (which might be the only concern?), >> I >> can whip up an example using XSD and CDDL, and even YANG for YANG >> event >> notification, if I find more than one or two consecutive hours... >> >> Viele Grüße, >> >> Henk >> >> >> On 05/22/2017 04:16 PM, Haynes, Dan wrote: >> > It’s probably also worth pointing out that if we are using existing >> > protocols such as NEA, it may not make sense to directly change the >> > fields in its over-the-wire format to match the SACM IM (e.g. >> > communications between endpoint and server), rather, provide a >> mapping. >> > Then, when the server receives the data, it can use the mapping to >> store >> > the data in the repository such that it aligns with the data >> described >> > in the IM. This approach will likely be required when we want to >> > leverage existing protocols where we may not have the ability to >> change >> > them (e.g. Apple MDM and Configuration Profiles, Windows PowerShell >> > Desired State Configuration, etc.). With all that said, the explicit >> > approach may be more desirable when we are developing our own >> protocols >> > or have significant influence and support to change existing >> protocols. >> > I guess I am just trying to say we probably want to support both >> > approaches :). >> > >> > >> > >> > Thanks, >> > >> > Danny >> > >> > >> > >> > *From:*sacm [mailto:sacm-bounces@ietf.org] *On Behalf Of *Ira >> McDonald >> > *Sent:* Friday, May 19, 2017 2:39 PM >> > *To:* Adam Montville <adam.w.montville@gmail.com>; Ira McDonald >> > <blueroofmusic@gmail.com> >> > *Cc:* Henk Birkholz <henk.birkholz@sit.fraunhofer.de>; >> sacm@ietf.org >> > *Subject:* Re: [sacm] Hackathon Goals and Stretch Goals >> > >> > >> > >> > Hi Adam, >> > >> > Chiming in below on one point raised in this Hackathon goals >> conversation. >> > >> > Cheers, >> > >> > - Ira >> > >> > >> > >> > On Tue, May 16, 2017 at 2:47 PM, Adam Montville >> > <adam.w.montville@gmail.com <mailto:adam.w.montville@gmail.com>> >> wrote: >> > >> > Hi Henk. I'll try inline. >> > >> > On Tue, May 16, 2017 at 11:04 AM Henk Birkholz >> > <henk.birkholz@sit.fraunhofer.de >> > <mailto:henk.birkholz@sit.fraunhofer.de>> wrote: >> > >> > <...snip...> >> > >> > >> > Also, I noticed conflicting notions about how important it >> is to >> > prepare >> > a message format to convey information between components. >> While it >> > might not be as critical as "having actual component code to >> > work with", >> > interoperability is key. And if we would agree on a >> preliminary data >> > structure (probably derived from the current IM), before we >> > start the >> > hackathon, we could save some time during the f2f on-site. >> It's >> > probably >> > a low hanging fruit also, as I am not talking about every >> IE to be >> > conveyed, but about the general message structure ("the >> > container") and >> > the corresponding encoding for data in motion. >> > >> > >> > >> > [AWM] There are differing perspectives on this front. Yes, >> having a >> > common structure could be useful, but it may not be necessary >> for >> > the purposes of this effort. This effort is somewhat different >> from >> > others that I've heard of, in that we are not implementing a >> > solution as much as we are discovering one. I do expect that we >> will >> > discover the structures we need as we develop the solution. >> What do >> > others think about this? Do we need to have this information up >> > front, or is it something we can discover as we go? >> > >> > >> > >> > <ira> For message wire format for the Hackathon, please consider >> taking >> > the SACM >> > Information Model verbatim and using that XSD for XML wire format. >> > Efficiency is >> > >> > totally irrelevant. So is elegance. You're trying to do a proof of >> > concept. Defining >> > >> > the Hackathon wire format interactively in the room is a time waster >> > idea, IMO. >> > >> > >> > >> > >> > Thoughts? >> > >> > >> > Viele Grüße, >> > >> > Henk >> > >> > >> > >> > >> > On 05/16/2017 05:12 PM, Haynes, Dan wrote: >> > > Seems like a reasonable story to focus around, for the >> > hackathon, to me. >> > > >> > > >> > > >> > > Thanks, >> > > >> > > Danny >> > > >> > > >> > > >> > > *From:*sacm [mailto:sacm-bounces@ietf.org >> > <mailto:sacm-bounces@ietf.org>] *On Behalf Of *Jerome >> Athias >> > > *Sent:* Monday, May 15, 2017 11:12 PM >> > > *To:* Adam Montville <adam.w.montville@gmail.com >> > <mailto:adam.w.montville@gmail.com>>; Waltermire, David A. >> > > (Fed) <david.waltermire@nist.gov >> > <mailto:david.waltermire@nist.gov>>; sacm@ietf.org >> > <mailto:sacm@ietf.org> >> > > *Subject:* Re: [sacm] Hackathon Goals and Stretch Goals >> > > >> > > >> > > >> > > I think it's a good idea too. >> > > >> > > I don't know who is supposed to participate to this >> hackathon? >> > > >> > > Potentially you could market it by capitalizing on real >> known >> > events, >> > > (without trolling) let's say "new critical >> vulnerability", "for >> > > preventing ransomware" "FictitousCorp needs to Respond >> quickly >> > and have >> > > a system to Identify and Protect its endpoints..." >> > > >> > > >> > > >> > > >> > > >> > > On Tue, 16 May 2017 at 00:30, Adam Montville >> > <adam.w.montville@gmail.com <mailto:adam.w.montville@ >> gmail.com> >> > > <mailto:adam.w.montville@gmail.com >> > <mailto:adam.w.montville@gmail.com>>> wrote: >> > > >> > > I think that's a good idea. How do folks feel about >> this >> > story? Is >> > > it lacking anything? Is it too specific? What would >> you >> > change about >> > > it if you could? >> > > >> > > >> > > >> > > On Mon, May 15, 2017 at 12:57 PM Waltermire, David A. >> (Fed) >> > > <david.waltermire@nist.gov >> > <mailto:david.waltermire@nist.gov> >> > <mailto:david.waltermire@nist.gov >> > <mailto:david.waltermire@nist.gov>>> wrote: >> > > >> > > I was thinking that it would be useful to have a >> user >> > story to >> > > implement against for the Hackathon. How about >> > something like >> > > the following that maps to our goals: >> > > >> > > >> > > >> > > A vendor identifies a vulnerability in their >> software >> > product. >> > > They produce a new version of their software and >> publish a >> > > vulnerability bulletin that indicates customers >> should >> > upgrade >> > > to the new version to address the vulnerability. >> The >> > product >> > > versions have both a SWID tag and a CoSWID tag. >> As a >> > customer of >> > > this vendor that uses the affected products, we >> need >> > to build a >> > > vulnerability assessment system that is capable of >> > detecting >> > > what version of the software is installed and >> > determine if that >> > > version is vulnerable using the vendor provided >> > information. The >> > > Collector will be capable of gathering software >> inventory >> > > information from one or more target endpoints by: >> > > >> > > >> > > >> > > 1) Requesting software inventory information >> for the >> > > affected software based on an ad-hoc request. >> > > >> > > 2) Reporting the software inventory as >> software >> > changes occur >> > > >> > > >> > > >> > > Collected software inventory information will be >> > stored in the >> > > Assessment Results Repository and will be >> compared to >> > > vulnerability detection data retrieved from the >> > Vulnerability >> > > Detection Data Repository. The vulnerability >> detection >> > data will >> > > be derived from the vendor provided information in >> > some useful >> > > way to be determined by the Vulnerability >> Assessor. >> > > >> > > >> > > >> > > How does this look? >> > > >> > > >> > > >> > > Regards, >> > > >> > > Dave >> > > >> > > >> > > >> > > *From:*sacm [mailto:sacm-bounces@ietf.org >> > <mailto:sacm-bounces@ietf.org> >> > > <mailto:sacm-bounces@ietf.org >> > <mailto:sacm-bounces@ietf.org>>] *On Behalf Of *Adam >> Montville >> > > *Sent:* Tuesday, May 09, 2017 3:30 PM >> > > *To:* sacm@ietf.org <mailto:sacm@ietf.org> >> > <mailto:sacm@ietf.org <mailto:sacm@ietf.org>> >> > > *Subject:* Re: [sacm] Hackathon Goals and Stretch >> Goals >> > > >> > > >> > > >> > > All: >> > > >> > > >> > > >> > > This week Dave and I have had an opportunity to >> > discuss these a >> > > bit further. We've come up with the following set >> of >> > goals and >> > > outcomes: >> > > >> > > >> > > >> > > GOAL: Running code demonstrating the communication >> > needs between >> > > identified components as they pertain to the >> on-request >> > > collection case through the scenario, where that >> case is >> > > described >> > > at >> > https://trac.ietf.org/trac/sacm/wiki/ >> SacmVulnerabilityAssessmentScenario. >> > > OUTCOME: We will have specific understanding of >> > components' >> > > boundaries and the necessary information flows >> (including >> > > information being communicated) between them. >> > > >> > > >> > > >> > > GOAL: Leverage existing collected data in a data >> > repository. >> > > OUTCOME: Demonstrate that previously collected >> data can be >> > > reused to support vulnerability assessment >> > > >> > > >> > > >> > > GOAL: Running code to extend that base case to >> include a >> > > mechanism capable of monitoring a given set of >> endpoint >> > > attributes for change. OUTCOME: We will have >> specific >> > > understanding of additional architectural >> > considerations for >> > > handling monitoring vs. on-request collection, as >> well >> > as any >> > > additional information flows required. >> > > >> > > >> > > >> > > Does anyone care to bash these goal-ouctome pairs >> in >> > the context >> > > of our hackathon plans? If so, please do so over >> the >> > next day >> > > or two, otherwise these will become the stated >> goals >> > for our >> > > hackathon. >> > > >> > > >> > > >> > > Kind regards, >> > > >> > > >> > > >> > > Adam >> > > >> > > >> > > >> > > On Tue, May 2, 2017 at 4:40 PM Adam Montville >> > > <adam.w.montville@gmail.com >> > <mailto:adam.w.montville@gmail.com> >> > <mailto:adam.w.montville@gmail.com >> > <mailto:adam.w.montville@gmail.com>>> >> > > wrote: >> > > >> > > All: >> > > >> > > >> > > >> > > Last week Dave sent a list of milestones to >> the >> > list. The >> > > first of which was for the WG to define some >> goals >> > for the >> > > IETF 99 hackathon. I can see at least one >> primary >> > goal with >> > > at least one stretch goal. The primary goal >> is to have >> > > running code demonstrating the basic/ideal >> case >> > through our >> > > vulnerability scenario, where a new >> vulnerability is >> > > discovered and we need to reach out all the >> way to the >> > > endpoint to determine whether it is in fact >> > vulnerable. A >> > > stretch goal might be to have running code >> > demonstrating a >> > > "monitor for this vulnerability from now on" >> > capability (I'm >> > > sure I'm not stating that as well as I could). >> > > >> > > >> > > >> > > Does anyone have additional goals? Or, are >> there >> > better ways >> > > to state these particular goals (there >> probably are)? >> > > >> > > >> > > >> > > Kind regards, >> > > >> > > >> > > >> > > Adam >> > > >> > > _______________________________________________ >> > > sacm mailing list >> > > sacm@ietf.org <mailto:sacm@ietf.org> <mailto: >> sacm@ietf.org >> > <mailto:sacm@ietf.org>> >> > > https://www.ietf.org/mailman/listinfo/sacm >> > > >> > > >> > > >> > > _______________________________________________ >> > > sacm mailing list >> > > sacm@ietf.org <mailto:sacm@ietf.org> >> > > https://www.ietf.org/mailman/listinfo/sacm >> > > >> > >> > _______________________________________________ >> > sacm mailing list >> > sacm@ietf.org <mailto:sacm@ietf.org> >> > https://www.ietf.org/mailman/listinfo/sacm >> > >> > >> > _______________________________________________ >> > sacm mailing list >> > sacm@ietf.org <mailto:sacm@ietf.org> >> > https://www.ietf.org/mailman/listinfo/sacm >> > >> > >> > >> > >> > >> > _______________________________________________ >> > sacm mailing list >> > sacm@ietf.org >> > https://www.ietf.org/mailman/listinfo/sacm >> > >> >> _______________________________________________ >> sacm mailing list >> sacm@ietf.org >> https://www.ietf.org/mailman/listinfo/sacm >> >> >> _______________________________________________ >> sacm mailing list >> sacm@ietf.org >> https://www.ietf.org/mailman/listinfo/sacm >> > > _______________________________________________ > sacm mailing list > sacm@ietf.org > https://www.ietf.org/mailman/listinfo/sacm > >
- [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Jerome Athias
- Re: [sacm] Hackathon Goals and Stretch Goals Tim Harrison
- Re: [sacm] Hackathon Goals and Stretch Goals Tim Harrison
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Kathleen Moriarty
- Re: [sacm] Hackathon Goals and Stretch Goals Haynes, Dan
- Re: [sacm] Hackathon Goals and Stretch Goals Henk Birkholz
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Ira McDonald
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Waltermire, David A. (Fed)
- Re: [sacm] Hackathon Goals and Stretch Goals Haynes, Dan
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Henk Birkholz
- Re: [sacm] Hackathon Goals and Stretch Goals Henk Birkholz
- Re: [sacm] Hackathon Goals and Stretch Goals Jerome Athias
- Re: [sacm] Hackathon Goals and Stretch Goals Nancy Cam-Winget (ncamwing)
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville
- Re: [sacm] Hackathon Goals and Stretch Goals Jessica Fitzgerald-McKay
- Re: [sacm] Hackathon Goals and Stretch Goals Adam Montville