IETF Logo Mail Archive

Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt

Adam Montville <Adam.Montville@cisecurity.org> Thu, 25 July 2013 17:37 UTC

Return-Path: <Adam.Montville@cisecurity.org>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43E5F21F92A5 for <sacm@ietfa.amsl.com>; Thu, 25 Jul 2013 10:37:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.649
X-Spam-Level:
X-Spam-Status: No, score=-2.649 tagged_above=-999 required=5 tests=[AWL=-0.051, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9U55lKni7gCy for <sacm@ietfa.amsl.com>; Thu, 25 Jul 2013 10:37:18 -0700 (PDT)
Received: from mail1.bemta12.messagelabs.com (mail1.bemta12.messagelabs.com [216.82.251.8]) by ietfa.amsl.com (Postfix) with ESMTP id DC73D21F9034 for <sacm@ietf.org>; Thu, 25 Jul 2013 10:37:17 -0700 (PDT)
Received: from [216.82.250.179:21924] by server-8.bemta-12.messagelabs.com id 49/9A-31440-B4261F15; Thu, 25 Jul 2013 17:37:15 +0000
X-Env-Sender: Adam.Montville@cisecurity.org
X-Msg-Ref: server-7.tower-210.messagelabs.com!1374773834!8995823!1
X-Originating-IP: [69.195.43.86]
X-StarScan-Received:
X-StarScan-Version: 6.9.11; banners=cisecurity.org,-,-
X-VirusChecked: Checked
Received: (qmail 5552 invoked from network); 25 Jul 2013 17:37:15 -0000
Received: from mail.msisac.org (HELO mail.msisac.org) (69.195.43.86) by server-7.tower-210.messagelabs.com with AES128-SHA encrypted SMTP; 25 Jul 2013 17:37:15 -0000
Received: from CISEXCHANGE1.msisac.org.local ([fe80::4f0:b68d:e779:38c3]) by CISEXCHANGE2.msisac.org.local ([fe80::9d91:1cd4:d9fb:616c%14]) with mapi id 14.02.0342.003; Thu, 25 Jul 2013 13:36:55 -0400
From: Adam Montville <Adam.Montville@cisecurity.org>
To: Sean Turner <turners@ieca.com>, "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt
Thread-Index: AQHOflbaeQpXtrNVV0OhXxAJ+XuCypl1swmQgAALEVA=
Date: Thu, 25 Jul 2013 17:36:56 +0000
Message-ID: <05BCCEB107AF88469B9F99783D47C1D6737A73@CISEXCHANGE1.msisac.org.local>
References: <20130711165015.29939.87432.idtracker@ietfa.amsl.com> <51DEE295.3050403@ieca.com> <05BCCEB107AF88469B9F99783D47C1D6737A4F@CISEXCHANGE1.msisac.org.local>
In-Reply-To: <05BCCEB107AF88469B9F99783D47C1D6737A4F@CISEXCHANGE1.msisac.org.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.252.39]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-00.txt
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sacm>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jul 2013 17:37:23 -0000

I may have answered my own question actually digging into it.  So, if I'm understanding this right, it seems like we'd be seeing arcs that would have OIDs that are named, which would have some node that acts as a class of the instances found below...  Maybe I'm still wrong.  More digging.

> -----Original Message-----
> From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf Of
> Adam Montville
> Sent: Thursday, July 25, 2013 10:04 AM
> To: Sean Turner; sacm@ietf.org
> Subject: Re: [sacm] Fwd: I-D Action: draft-handt-sacm-asset-identifiers-
> 00.txt
> 
> Being the transcriber of NISTS Asset Identification standard to an I-D format
> (now expired), I have some questions about this proposal.  First, however, I
> like the way this reads and flows and I enjoyed reading it, much like I enjoyed
> reading the alternate architecture document.
> 
> It seems that draft-handt-sacm-asset-identifiers-00 is squarely focused on
> instance-level identity, identification, and identifiers.  I believe, that we have
> several levels of "identification" requirements.  We do want instance-level
> identification, and I believe OIDs, as proposed, could be a good solution.  I
> believe we also want class-level identification, for which we have been
> considering CPE.
> 
> For example, I may have several OIDs, one for each of a Windows Server
> 2008 instance, RHEL 6 instance, Windows Server 2012 instance, and Solaris 9
> instance.  Now, I want to find all the assets in the "Windows" class, which
> would be the set of two OIDs representing the WS2008 and WS2012
> instances.  We could leave it up to implementers to provide this type of
> functionality, but would it not be useful to have some standardized way to
> represent that class?
> 
> An honest question: How would this proposal handle class-level
> identification?  Or, do we collectively believe there is no such need?
> 
> Adam
> 
> > -----Original Message-----
> > From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf
> > Of Sean Turner
> > Sent: Thursday, July 11, 2013 9:51 AM
> > To: sacm@ietf.org
> > Subject: [sacm] Fwd: I-D Action:
> > draft-handt-sacm-asset-identifiers-00.txt
> >
> > More food for thought.
> >
> > spt
> >
> > -------- Original Message --------
> > Subject: I-D Action: draft-handt-sacm-asset-identifiers-00.txt
> > Date: Thu, 11 Jul 2013 09:50:15 -0700
> > From: internet-drafts@ietf.org
> > Reply-To: internet-drafts@ietf.org
> > To: i-d-announce@ietf.org
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> >
> >
> > 	Title           : sacm: Asset Identifier
> > 	Author(s)       : Russ Housley
> >                            Sean Turner
> > 	Filename        : draft-handt-sacm-asset-identifiers-00.txt
> > 	Pages           : 7
> > 	Date            : 2013-07-11
> >
> > Abstract:
> >     This document examines the asset identifiers available for sacm and
> >     it proposes that OIDs (Object Identifiers) be selected as the asset
> >     identifier format.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-handt-sacm-asset-identifiers
> >
> > There's also a htmlized version available at:
> > http://tools.ietf.org/html/draft-handt-sacm-asset-identifiers-00
> >
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> > _______________________________________________
> > I-D-Announce mailing list
> > I-D-Announce@ietf.org
> > https://www.ietf.org/mailman/listinfo/i-d-announce
> > Internet-Draft directories: http://www.ietf.org/shadow.html or
> > ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> >
> >
> >
> > _______________________________________________
> > sacm mailing list
> > sacm@ietf.org
> > https://www.ietf.org/mailman/listinfo/sacm
> >
> > ...
> 
> This message and attachments may contain confidential information.  If it
> appears that this message was sent to you by mistake, any retention,
> dissemination, distribution or copying of this message and attachments is
> strictly prohibited.  Please notify the sender immediately and permanently
> delete the message and any attachments.
> _______________________________________________
> sacm mailing list
> sacm@ietf.org
> https://www.ietf.org/mailman/listinfo/sacm
> 
> ...

This message and attachments may contain confidential information.  If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this message and attachments is strictly prohibited.  Please notify the sender immediately and permanently delete the message and any attachments.

v2.23.0 | Report a Bug | By Email