[sacm] FOR REVIEW: SACM I-D Roadmap

"Haynes, Dan" <dhaynes@mitre.org> Tue, 13 September 2016 19:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/z4EogTAGigWhKUuIbYNV-edCdvU>

Hi Everyone,



Today at the virtual interim we discussed the following I-D roadmap. The idea is that this roadmap will help the WG prioritize which documents we work on. To provide a little more context on the table below, here is a brief description for each column.

* Importance: The importance of completing a particular I-D.  This is based on the need for consensus around an I-D for the WG to make progress, whether or not other I-Ds are dependent on it, criticality to satisfy the SACM Vulnerability Assessment Scenario, etc.

* I-D: Name of the I-D.

* Description: Describes what the I-D is and how it relates back to the SACM Vulnerability Assessment Scenario I-D [1].  It also includes bullet points for key milestones that we need to achieve with respect to the particular I-D.

* Next Delivery: When we anticipate the next revision (or first in the case of a new I-D) will be published.

* Projected WGLC: When we would like to have a WGLC issued for the I-D.  This will be highly dependent on WG feedback and discussion.





Importance: TBD
I-D: draft-ietf-sacm-architecture [2]
Description: The current Architecture I-D has been parked in order to gain a better understanding of the solutions being developed by the WG.  This revised Architecture I-D will better align the SACM architecture with these solutions.

Key Milestones:

* Clarify the distinction and interaction between the collection and aggregation of information from endpoints by a central server and the consumption of this endpoint information by distributed SACM consumers.

* Capture architectural information needs in the Information Model I-D.

* Define specific requirements for capabilities outlined in the SACM Vulnerability Assessment Scenario I-D.

Next Delivery: TBD
Projected WGLC: TBD


Importance: TBD
I-D: draft-ietf-sacm-information-model [3]
Description: This I-D will capture the specific information needs for SACM with a current focus on the SACM Vulnerability Assessment Scenario I-D.

Key Milestones:

* Distinguish between the information needs required to express endpoint information and the information needs required to exchange endpoint information and other data between SACM consumers.

* Capture software inventory information, configuration information, and other information required to support the SACM Vulnerability Assessment Scenario I-D.  SWID and OVAL should be used as a starting point for identifying these information needs.

Next Delivery: TBD
Projected WGLC: TBD


Importance: TBD
I-D: draft-coffin-sacm-nea-swid-patnc [4]
Description: This I-D specifies a protocol for transporting software inventory information from the endpoint to server.  It currently supports SWID expressed as XML.  Software inventory information is critical to determining whether or not an endpoint is in a vulnerable state.

Key Milestones:

* Make the I-D more data model independent.

* Identify the mandatory-to-implement aspects of the selected data model (if any).

Next Delivery: TBD
Projected WGLC: TBD


Importance: TBD
I-D: Data Model for Endpoint Configuration Information*
Description: This I-D specifies a data model for representing endpoint configuration information based on the lessons learned from OVAL. This I-D will support the collection of configuration information from an endpoint which is necessary to support situations in the SACM Vulnerability Assessment Scenario I-D where software inventory information is not enough to determine whether or not an endpoint is in a vulnerable state.

Key Milestones:

* Experiment with various data formats and select an initial data format for the data model.

* Develop a basic data model for expressing the values of configuration information from an endpoint using the selected data format.

* Develop a basic data model for expressing which configuration information to collect or monitor from an endpoint.

* Get WG review.

* Determine if the WG wants to adopt this document.

Next Delivery: TBD
Projected WGLC: TBD


Importance: TBD
I-D: PA-TNC Extension for Endpoint Configuration Information*
Description: This I-D extends the PA-TNC protocol to support the collection and transport of endpoint configuration information from the endpoint to the server.

Key Milestones:

* Using SWID M&A as a template, develop an I-D that supports messages and attributes associated with endpoint configuration information as described above in "Data Model for Endpoint Configuration Information".

* Get WG review.

* Determine if the WG wants to adopt this document.

Next Delivery: TBD
Projected WGLC: TBD


Importance: TBD
I-D: draft-birkholz-sacm-coswid [5]
Description: This I-D specifies a lightweight data model for representing software inventory information using the CBOR data format.  This I-D will provide an additional data format in which to transport software inventory information over SWID M&A.  Software inventory is a critical component of the SACM Vulnerability Assessment Scenario.

Key Milestones:

* Get WG review.

* Determine if the WG wants to adopt this document.

Next Delivery: TBD
Projected WGLC: TBD




We will need to work together to determine the following.

* Are there any I-Ds missing from the roadmap? I should add that we will update this as necessary to accommodate new work. We don't need to capture everything that we may want to work on.

* Is the roadmap missing any key milestones?

* Does the following proposal for the I-D "Importance" column seem reasonable?

  1. draft-ietf-sacm-architecture
  2. draft-ietf-sacm-information-model
  3. draft-coffin-sacm-nea-swid-patnc
  4. Data Model for Endpoint Configuration Information
  5. PA-TNC Extension for Endpoint Configuration Information
  6. draft-birkholz-sacm-coswid

* Do you have thoughts on dates for the "Next Delivery" and the "Projected WGLC" columns?



Please provide any feedback by Monday 9/19. It would be great to wrap this up by next Tuesday.



Also, please let me know if you have any questions.



Thanks,

Danny



[1] https://datatracker.ietf.org/doc/draft-ietf-sacm-vuln-scenario/

[2] https://datatracker.ietf.org/doc/draft-ietf-sacm-architecture/

[3] https://datatracker.ietf.org/doc/draft-ietf-sacm-information-model/

[4] https://datatracker.ietf.org/doc/draft-coffin-sacm-nea-swid-patnc/

[5] https://datatracker.ietf.org/doc/draft-birkholz-sacm-coswid/

* No I-D is currently available, but one will be developed.