Re: [sacm] [scap-dev] Request for participants - Content RepositorySpecification Development
"Waltermire, David A." <david.waltermire@nist.gov> Fri, 18 May 2012 14:24 UTC
Return-Path: <david.waltermire@nist.gov>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E5E721F86AA for <sacm@ietfa.amsl.com>; Fri, 18 May 2012 07:24:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.424
X-Spam-Level:
X-Spam-Status: No, score=-5.424 tagged_above=-999 required=5 tests=[AWL=-0.065, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_LWSHORTT=1.24]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R2c-ToAc-XLK for <sacm@ietfa.amsl.com>; Fri, 18 May 2012 07:24:54 -0700 (PDT)
Received: from wsget1.nist.gov (wsget1.nist.gov [129.6.13.150]) by ietfa.amsl.com (Postfix) with ESMTP id 3964821F869F for <sacm@ietf.org>; Fri, 18 May 2012 07:24:53 -0700 (PDT)
Received: from WSXGHUB1.xchange.nist.gov (129.6.18.96) by wsget1.nist.gov (129.6.13.150) with Microsoft SMTP Server (TLS) id 14.1.355.2; Fri, 18 May 2012 10:24:33 -0400
Received: from MBCLUSTER.xchange.nist.gov ([fe80::d479:3188:aec0:cb66]) by WSXGHUB1.xchange.nist.gov ([129.6.18.96]) with mapi; Fri, 18 May 2012 10:24:52 -0400
From: "Waltermire, David A." <david.waltermire@nist.gov>
To: "WOLFKIEL, JOSEPH L CIV DISA PEO-MA" <joseph.wolfkiel@disa.mil>, Panos Kampanakis <pkampana@cisco.com>, SCAP-DEV <SCAP-DEV@nist.gov>, "sacm@ietf.org" <sacm@ietf.org>
Date: Fri, 18 May 2012 10:24:46 -0400
Thread-Topic: [scap-dev] [sacm] Request for participants - Content RepositorySpecification Development
Thread-Index: Ac0vlAFxw3bnrjTVRA6a23ojGCQzFQAArCrAAQEd+jAAN3anYAAgjpeAAABof5A=
Message-ID: <D7A0423E5E193F40BE6E94126930C4930B995C2CF1@MBCLUSTER.xchange.nist.gov>
References: <15D0981C9BE53042A4C9D0F3D0B6826B2900F2@MSIS-GH1-UEA10.corp.nsa.gov><CBD00675.32964%kent_landfield@mcafee.com><66930F41F45C954AA119D59EE69C06E90C69E6098D@MBCLUSTER.xchange.nist.gov><D7A0423E5E193F40BE6E94126930C4930B994AB4FD@MBCLUSTER.xchange.nist.gov> <015d01cd347c$921ebf10$b65c3d30$@com> <0C700A7ED1FE57488BB17782F397264B05F78E91@DUMFDPEXMB01.disanet.disa-u.mil>
In-Reply-To: <0C700A7ED1FE57488BB17782F397264B05F78E91@DUMFDPEXMB01.disanet.disa-u.mil>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [sacm] [scap-dev] Request for participants - Content RepositorySpecification Development
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sacm>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 May 2012 14:24:56 -0000
In a REST scenerio, a HTTP GET request would be used for querying. The problem is, and correct me if I am wrong, that HTTP GET semantics require that a resource be retrieved based on the request URI. This works for simple id lookups, but does not work well if you want to form a query around complex boolean criteria where grouping is needed. For this we may need to use JSON to encode the query parameters as a request parameter. I would expect the response to be XML. Sincerely, David Waltermire SCAP Architect National Institute of Standards and Technology (301) 975-3390 david.waltermire@nist.gov > -----Original Message----- > From: WOLFKIEL, JOSEPH L CIV DISA PEO-MA > [mailto:joseph.wolfkiel@disa.mil] > Sent: Friday, May 18, 2012 9:42 AM > To: Panos Kampanakis; Waltermire, David A.; SCAP-DEV; sacm@ietf.org > Subject: RE: [scap-dev] [sacm] Request for participants - Content > RepositorySpecification Development > > If we're trying for interoperability, it seems like we'll need to > specify the transport and security. I'd hate to end up with something > where every consumer must be able to consume any combination of JSON, > XML, CSV over REST or SOAP because we didn't pick a standard > configuration. > > I like using REST if possible because the DoD in the Web Services STIG > has made SOAP-based web services difficult and expensive. I like XML > because we already have to do XML parsing for OVAL and XCCDF, so I > don't really see the allure of having to parse JSON for the service > then having to parse XML for the content. > > Joseph L. Wolfkiel > Engineering Group Lead > DISA PEO MA/IA52 > (301) 225-8820 > Joseph.Wolfkiel@DISA.mil > > > -----Original Message----- > From: scap-dev-bounces@nist.gov [mailto:scap-dev-bounces@nist.gov] On > Behalf Of Panos Kampanakis > Sent: Thursday, May 17, 2012 6:30 PM > To: 'Waltermire, David A.'; SCAP-DEV; sacm@ietf.org > Subject: Re: [scap-dev] [sacm] Request for participants - Content > RepositorySpecification Development > > Good starting point Dave. > > > > 2 thoughts: > > > > - Integrity and Confidentiality can certainly be addressed in this > spec. But XML has its own mechanisms to provide them. Thus the content > itself can provide Integrity and Confidentiality. I am not sure if the > spec should have Integrity and Confidentiality as required features. > > > > - Also, should the data Exchange mechanism be part of this draft? For > example HTTP/TLS messages etc (as in MILE's rfc6546) or JSON, SOAP, > REST as were suggested in SACM's alias before? > > > > Rgs, > > Panos > > > > > > > > From: sacm-bounces@ietf.org [mailto:sacm-bounces@ietf.org] On Behalf Of > Waltermire, David A. > Sent: Wednesday, May 16, 2012 3:39 PM > To: SCAP-DEV; sacm@ietf.org > Subject: Re: [sacm] Request for participants - Content Repository > Specification Development > > > > I just posted a skeleton I/D on this topic. I have included an initial > section that focuses on identifying the overall problem space relating > to content repositories. I'd appreciate any comments. > > > > Here is the draft: > > http://www.ietf.org/id/draft-waltermire-content-repository-00.txt > > > > Sincerely, > > Dave > > > > From: Waltermire, David A. > Sent: Friday, May 11, 2012 1:13 PM > To: 'Kent_Landfield@McAfee.com'; m.kinne@radium.ncsc.mil; SCAP-DEV; > sacm@ietf.org > Subject: RE: Request for participants - Content Repository > Specification Development > > > > Kent, > > > > I have already started work on a draft specification in this area. My > hope is that this work could be used as an initial draft within SACM at > the appropriate time. Count me in. > > > > I mostly agree with what you are describing below. The only area I > disagree with is in regards to federation. If we do not implement the > specification for an organizational repository in the right way, we may > need to make major changes to support federation. This is not good for > anyone. In my mind these two concepts cannot be decoupled. We need to > insure that any work towards supporting an organizational repository > provides a foundation for supporting a federated repository network. > Imagine if DNS was designed with a single organization mindset first > without thinking about federation. Top Level Domains (TLDs) and > subdomains would not likely exist as concepts. An individual DNS > server would likely not support caching, time-to-live and delegating > capabilities that are necessary for federation to happen. All of these > things would need to be retrofitted. To prevent this, we need to > address the building blocks of federation in the basic design. > > > > Sincerely, > > Dave > > > > From: Kent_Landfield@McAfee.com [mailto:Kent_Landfield@McAfee.com] > Sent: Friday, May 11, 2012 12:36 PM > To: m.kinne@radium.ncsc.mil; Waltermire, David A.; SCAP-DEV; > sacm@ietf.org > Subject: Request for participants - Content Repository Specification > Development > > > > Mike I love it when you tee something up like that.. ;-) Thank you. ;) > > > > Mike wrote: > > I still think that any specification for a repository is wishful > thinking until someone builds one and learns the lessons it will just > be another whitepaper spec. I believe the DoD needs to incorporate a > metadata repository as part of it and other customizations that may not > be useful for everyone. > > We need to talk more. > > > > If you are talking about a holistic, complete federated approach to a > content repository, I some what agree. If you are talking about an > organizational repository, I totally disagree. But you knew I would. ;) > > > > Here is how I see the problem. There is an immediate need for SCAP and > other related content to be served up inside an organization. Today we > have situation where the standards allow us to provide sites the > capability to have a single SCAP implemented policy they call official > for their environment. Yes this is a rather simplistic since there are > things such as targeting specific platforms, specific operational use > needs, but for now lets agree SCAP is a massive improvement over the > proprietary situations of the past. While we have created this standard > content so that sites can implement their local site security once and > then assure they are measuring all appropriately targeted devices the > same way, we have failed to support the operational needs of the sites. > We have a situation where no two vendors distribute content the same > way. This causes massive problems for the administration staff when > they need to incorporate a new SCAP enabled product into their > architecture. They need to discover how the new product supports > distributing SCAP content to it's various components. If they have one > product then they do this one and they are done. If they have multiple > products they will have to figure out how to minimize the impact by > incorporating the update process for the new product into the existing > SCAP security content processes. Now when the inevitable happens and > the site staff needs to make a change to their security policy, they > have to make the modifications to the benchmark or checks or both and > then distribute those updates across their network. For each SCAP > enabled product they have in place, they have doubled, tripled or more > the work needed to make those updates available. > > > > There is another content repository problem and that is the Federated > Content Distribution. If you think global DNS you have a general frame > of reference. The guidance authors need to be able to publish content > in an authoritative manner so their content is updated in a timely > fashion. This is a much harder problem to solve if there is no local > organizational infrastructure to support it. ;) > > > > So here is what I am thinking. We should consider addressing these as > two separate but integrated efforts. I believe the Organizational > Content Repository is the more critical piece that is actually easier > to address. The Federated Content Distribution should be a subsequent > effort integrating / augmenting the Organizational repository > specification. > > > > Mike, to your point that we need someone to build one first. That has > happened already. I have one as do other vendors but what we don't > have is the access specification. Ours are focused on our specific > product needs. Additionally there is a company that has developed a > commercial SCAP content repository that will be announced later this > month. I won't steal their thunder but I was recently given a sneak > peek at it and I must admit I was very impressed. Again, to your > point, it has been done. What is needed to address the initial > operational problem is to develop a specification that provides a > consistent means for all SCAP products to retrieve the appropriate > content as configured and managed but the site. > > > > TO THAT END.. > > > > I am requesting participation from those in the community that see the > need and want to put in the work to make this specification happen. I > have talked to a couple of you but I do not want to assume your > participation. If you are interested please contact me so we can get > this started. > > > > Thanks! > > > > Kent Landfield > Director Content Strategy, Architecture and Standards > > McAfee | An Intel Company > 5000 Headquarters Dr. > Plano, Texas 75024 > > Direct: +1.972.963.7096 > Mobile: +1.817.637.8026 > Web: www.mcafee.com <http://www.mcafee.com/> > > > > From: <Kinney>, Michael A <m.kinne@radium.ncsc.mil> > To: David Waltermire <david.waltermire@nist.gov>, SCAP-DEV <SCAP- > DEV@nist.gov>, "sacm@ietf.org" <sacm@ietf.org> > Subject: Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > > > Dave, > > I have no problem with webinars, I do want to keep developer days > actionable and use it to make decisions, and vote and accomplish things > good or bad. I do not want this to be an informational briefing > conference. > > Thanks for the links. > > > > I still think that any specification for a repository is wishful > thinking until someone builds one and learns the lessons it will just > be another whitepaper spec. I believe the DoD needs to incorporate a > metadata repository as part of it and other customizations that may not > be useful for everyone. > > We need to talk more. > > > > -Mike > > > > From: Waltermire, David A. [mailto:david.waltermire@nist.gov] > Sent: Tuesday, May 08, 2012 10:44 AM > To: Kinney, Michael A; SCAP-DEV; sacm@ietf.org > Subject: RE: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > > > Mike, > > > > What about having webinars in-place of the 30 minute briefs? > > > > Regarding content management, we are building the prototype > content repository for use in a production environment. As an open > source project, it will be free for use by anyone interested. My > thinking is that this project can bridge the gap until commercial > solutions are available to augment it. This is a similar path that was > followed with DNS (bind) and HTTP (apache). When it is ready for use, > I am hoping to use it to host USGCB content. You would be welcome to > use it for your needs. > > > > It is good that OCIL is moving forward. This is an important > piece of supporting risk management and aspects of continuous > monitoring. I would also like to see some discussion on OCIL at > Developer Days. With the proposals we will likely have a sense of what > needs to be discussed and what we can achieve consensus on outside the > meeting. > > > > Remediation is a topic near and dear to my heart. I too would > like to see it move forward. > > > > We just published the draft ASR specification for public comment. > This specification supports enterprise aggregate reporting which > greatly reduces the data volumes needed verses detailed host-based > reports. This specification has been designed as a more robust > replacement for LASR. It can be used in continuous monitoring > applications to support aggregate data reporting needs (e.g. FISMA > reporting, CyberScope). > > > > Here are the links: > > > > http://csrc.nist.gov/publications/PubsDrafts.html > > http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7848 > > > > The primary reason we have suggested waiting on XCCDF is not the > internationalization issue. Many vendors have commented that they are > still working on implementing the XCCDF 1.2.1 specification. We will be > in a better place in a few months once more development around XCCDF > has occurred. As we consider changes to the SCAP stack to address OCIL > and other issues, we will identify areas that need improvement in > XCCDF. These are good and necessary discussions to have now, but we > have a good deal of work to do before we are ready to open up XCCDF. > My suggestion is to work on these related areas and then work up change > proposals for XCCDF as needed. By that time we should be ready to work > on a new revision of XCCDF. > > > > I am also looking forward to the discussions at the conference. > It has been too long. > > > > Sincerely, > > Dave > > > > From: Kinney, Michael A [mailto:m.kinne@radium.ncsc.mil] > Sent: Tuesday, May 08, 2012 7:09 AM > To: SCAP-DEV > Cc: Waltermire, David A. > Subject: RE: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > > > Kent, > > > > It's good to read your thoughts, and a realistic actionable > approach is indeed needed. Since all the activity hasn't been on the > lists a brief 1Ž2 hour recap may be in order to bring everyone up to > speed since there has been a lot of activity on CPE/SWID, OCIl, > MAEC/CybOX CEE and others. > > > > We could write a content repository specification, but without > someone willing to stand one up it will be as valuable as the CCSS > specification is today. I've been trying for two years to get my > management to get a coordinated effort together for the DoD to stand up > a repository, it is a tough problem and will require funding with a > tail, I'm not sure a specification will solve that problem. > > > > We (DoD) have been putting a lot of effort into OCIL over the > last year trying to make it useful in an enterprise environment and > will be posting our ideas to the list before developer days it should > have already started, we need to get consensus and a vote on how the > community wishes to proceed. > > > > Remediation is stalled but I'm making every effort to get it kick > started from our perspective. I hope to assist in getting the draft ERI > finished this year. We are writing some new STIG content and intend to > used the draft CRE specification to insert CRE into the content so we > (DoD) can do some automatic configuration fixes, part of a self healing > network concept. It is just a start but the best we can do at this > point. > > > > Enterprise reporting is an interesting subject, since XML adds > size to and content to roll up reporting, in any enterprise of size the > problem gets greater, I look forward to your thoughts on that subject. > > > > I am concerned that the internationalization efforts are > detracting from efforts to meet use cases, we have some things we would > like changed in XCCDF to support our OCIl use case and I have been told > that I need to wait. I didn't think that a move to internationalization > should impede efforts to move forward with use cases. > > > > I look forward to talking with you at the conference. > > > > v/r > > > > Mike Kinney > > Project Director > > Computer Network Defense Research and Technology (CND R&T) Office > > 9800 Savage Road Ste 6767 > Ft Meade, MD 20755-6767 > Phone: 410-854-4422 > NSTS: 968-8886 > Fax 410-854-4681 > > makinn2@nsa.gov <mailto:M.kinne@radium.ncsc.mil> > > > > > > > > From:scap-dev@nist.gov [mailto:scap-dev@nist.gov] On Behalf Of > Waltermire, David A. > Sent: Monday, May 07, 2012 7:09 PM > To: Multiple recipients of list > Subject: RE: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > > > Kent, > > > > I like what you are saying here. We are also in support of this > type of approach. We would like to see some community discussion > around what are the key areas/priorities that the community would like > to see discussed at Dev Days. Your topics below look like a good > start. The SACM list might be a better venue than the OVAL list for > this discussion. For each area we should focus the discussion around > developing objectives for each session. The sessions can be time boxed > based on what would be a reasonable amount of time to accomplish each > objective. For example if continuous monitoring is a priority and > collectively it takes 3 days to work through all the objectives, I see > no problem with that. We can also keep a few sessions "on deck" if all > the objectives are reached and we complete all the scheduled sessions > early. > > > > Thoughts? > > > > Sincerely, > > > > David Waltermire > > SCAP Architect > > National Institute of Standards and Technology > > (301) 975-3390 > > david.waltermire@nist.gov > > > > From:scap-dev@nist.gov [mailto:scap-dev@nist.gov] On Behalf Of > Kent_Landfield@mcafee.com > Sent: Monday, May 07, 2012 4:25 PM > To: SCAP-DEV > Subject: Re: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > > > All, > > > > I would like to discuss the format for the SCAP Developer Days > that seems to be listed below. > > > > I see this appears to follow a path we have discussed in the past > as the way not to hold a Dev Days event. We have been trying to get > away from 'Death by Powerpoint' and back to the type of event we held > years ago when we were highly productive. In the past we had a topic > to be discussed and a time box to work within. That allowed us to have > very active brainstorming sessions in a high bandwidth environment. > > > > At past Summer events we have got into a pattern of lots of > powerpoint, lots of status of the efforts and very little discussion > about things that need active discussions. We need to keep moving > forward and making progress as an effort. We can get status from > various places such as the lists, a presentation being sent out in > advance, a webinar if it is felt there will be questions and answers > from those that are new to the efforts. We have a limited amount of > time and all who are attending are investing a great deal of time and > money to be there. We should not be spending a great deal of time > reeducating everyone when we could be focused on advancing needed > efforts. > > > > The type of approach to a Dev Days event was discussed at the > last Summer Dev Days. I have seen the following work quite well in > other efforts. > > 1. Presentations are sent out to the attendees and the lists a > week in advance. > 2. Status for any effort is limited to 30 minutes > 3. Focused brainstorming time should be established for > certain areas that need real work by the community > 4. Efforts to be discussed should be based on needs of the > security automation space to move existing efforts to completion. > > For example: > > > > Continuous monitoring is a major direction the efforts are > becoming involved with. There are going to be things we need to do as a > security automation community to be able to accomplish what is listed > in the CAESARS FE. There are interfaces that need to be worked and > established. That is one area that is not listed below. CM will have > a major impact on all of us in the next couple years and it is being > ignored. We can't keep trying to solve what has already been solved. > We need to address the needed interface development now. This is an > effort that could take nearly a whole day by itself. > > > > Operationally we have a real need to be able to deliver SCAP > content internally within an organization. Today the SCAP vendors > cannot share a single local site security policy (XCCDF + OVAL + CPE > +.) without the site staff having to go to each of the individual > products and figuring out how to inject that new or updated policy into > that products delivery mechanisms. That is limiting sites from wanting > to buy multiple focused SCAP products since they are such a pain to > manage from a content perspective. It is easier to buy from one vendor > that has a single means for distributing content than it is to deal > with the management issues that having multiple SCAP products presents. > We need to have at least an entire 1/2 a day on the development of a > Content Repository specification. > > > > OCIL is a positive and a negative at the same time. It has real > value that is being underutilized and under implemented because of the > limitations of how it addresses uses in an enterprise environment. > People don't need security automation to do things on/for a single > host. They need security automation to focus on the enterprise issues > that reduce their costs and improve their efficiencies. OCIL is > failing in the enterprise and we all understand that. We need to > address developing a definitive solution for incorporating OCIL into > the enterprise and that means into the existing specifications. > Scheduling and tracking are key to it's success. We need to make that > happen. This too needs a focused brainstorming time box to discuss > options. > > > > I am really disappointed that Remediation is not on the list > below. Yes, last Summer Dev Days, the time spent on Remediation was > wasted time but that does not mean we should ignore it and not try to > make some real progress. As far as I am concerned we need to reboot > the remediation effort. We cannot keep being the set of specifications > / tools that act as the little boy crying "Wolf" in the night. We need > to be able to find and fix issues if we are going to really make a > difference in organizational security postures. But today we think it > is too hard so we don't try ? I think we need a couple hours to > discuss the reboot of the effort even if that means minimizing work > already done. > > > > A focused discussion on enterprise reporting is also critically > needed. For the vendors here, we have all gone through the Cyberscope > goat rope, delivering limited capabilities to specific data call > requirements of the Federal Agencies. The initial effort was a mess, > did little more than prove it was possible and cause the vendor > community a great deal of thrashing to put a kludgey 'solution' in > place. Reality is all our customers need roll up reporting and an > infrastructure that supports it. A data call should not be special to > anyone other than the agencies responding. The tools should be able to > select the types of data needed and deliver that on a scheduled basis > automatically. Enterprise Reporting pertains to commercial as well > as Federal customers. We need to focus some time on what that would > look like using the ARF and ASR as the foundational pieces. But there > are missing pieces.. We need this discussed. > > > > I would hope we can make this summer's SCAP Dev Days useful in > advancing the security automation efforts by addressing some of the > more critical issues our customers are facing now or will be facing in > the very short term. Status presentations are not interesting to those > active in the efforts. Let's try to do those before we get to Bedford > so we can real make some progress while we are all in the same room. > This is always a big event for the 'consensus of the willing' that > assemble and driven to see security automation make a difference. > Let's see if we can have an event that, when we all walk out the last > day, we all feel that every minute was well spent and moves us forward. > > > > Thanks. > > > > Kent Landfield > Director Content Strategy, Architecture and Standards > > McAfee | An Intel Company > 5000 Headquarters Dr. > Plano, Texas 75024 > > Direct: +1.972.963.7096 > Mobile: +1.817.637.8026 > Web: www.mcafee.com <http://www.mcafee.com/> > > > > From: <Boczenowski>, Steve <sboczeno@MITRE.ORG> > Reply-To: "OVAL Developer List (Closed Public Discussion)" <OVAL- > DEVELOPER-LIST@LISTS.MITRE.ORG> > To: "OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG" <OVAL-DEVELOPER- > LIST@LISTS.MITRE.ORG> > Subject: Re: [OVAL-DEVELOPER-LIST] Security Automation Developer > Days: Summer 2012 at MITRE in Bedford, MA > > > > Frank; > > > > We hope to have the registration site up next week. The > event will be during the week of July 9 - starting Monday at 10:00 AM > and ending on Friday at 12:00. > > > > Meanwhile, we are working on the agenda and are currently > considering this list of topics: > > > > CCE > > CPE/SWID > > CEE > > XCCDF > > OVAL > > ASR > > Enterprise OCIL > > CybOX/MAEC > > Federated Content Repository Spec > > Endpoint Reporting for Continuous Monitoring and Compliance > (ERCC) > > MILE > > TAXII > > IF-M for SCAP > > IF-MAP > > SCAP Releases > > SCAP and IETF > > NETCONF and SCAP > > > > Steve > > > > From: Frank Lindsay Acker [mailto:afrank@NOVA.EDU] > Sent: Tuesday, May 01, 2012 9:32 AM > To: oval-developer-list OVAL Developer List/Closed Public > Discussion > Subject: Re: [OVAL-DEVELOPER-LIST] Security Automation > Developer Days: Summer 2012 at MITRE in Bedford, MA > > > > Steve.... > > Has there been any additional information regarding this > event? > > Thanks, > Frank Acker > > > ________________________________ > > > From: Boczenowski, Steve [sboczeno@MITRE.ORG] > Sent: Tuesday, March 20, 2012 16:38 > To: OVAL-DEVELOPER-LIST@LISTS.MITRE.ORG > Subject: [OVAL-DEVELOPER-LIST] Security Automation > Developer Days: Summer 2012 at MITRE in Bedford, MA > > Save the Date: week of July 9, 2012 > > > > This year's MITRE-hosted Security Automation Developer Days > event will be held during the week of July 9, 2012 at MITRE's facility > in Bedford, MA. > > > > Details to follow. > > > > Regards, > > Steve > > > > ______________________________________________ > > Stephen P. Boczenowski > > The MITRE Corporation > > Office: (781) 271-7682 > > Cell: (978) 302-3849 > > sboczeno@mitre.org > > > > To unsubscribe, send an email message to > LISTSERV@LISTS.MITRE.ORG with SIGNOFF OVAL-DEVELOPER-LIST in the BODY > of the message. If you have difficulties, write to OVAL-DEVELOPER-LIST- > request@LISTS.MITRE.ORG. > > To unsubscribe, send an email message to > LISTSERV@LISTS.MITRE.ORG with SIGNOFF OVAL-DEVELOPER-LIST in the BODY > of the message. If you have difficulties, write to OVAL-DEVELOPER-LIST- > request@LISTS.MITRE.ORG. > > To unsubscribe, send an email message to > LISTSERV@LISTS.MITRE.ORG with SIGNOFF OVAL-DEVELOPER-LIST in the BODY > of the message. If you have difficulties, write to OVAL-DEVELOPER-LIST- > request@LISTS.MITRE.ORG.
- Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automat… Adam Montville
- Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automat… Waltermire, David A.
- Re: [sacm] [OVAL-DEVELOPER-LIST] Security Automat… Kinney, Michael A
- [sacm] Request for participants - Content Reposit… Kent_Landfield
- Re: [sacm] Request for participants - Content Rep… Gunnar Engelbach
- Re: [sacm] Request for participants - Content Rep… Michael Hammer
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Natale, Bob
- Re: [sacm] Request for participants - Content Rep… Gunnar Engelbach
- Re: [sacm] Request for participants - Content Rep… Chandrashekhar B
- Re: [sacm] Request for participants - Content Rep… Andrew Bove [SA]
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Kent_Landfield
- Re: [sacm] Request for participants - Content Rep… kathleen.moriarty
- Re: [sacm] Request for participants - Content Rep… Gunnar Engelbach
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Panos Kampanakis
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Chandrashekhar B
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Panos Kampanakis
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Panos Kampanakis
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Kurt Seifried
- Re: [sacm] [scap-dev] Request for participants - … Gunnar Engelbach
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Michael Hammer
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] [scap-dev] Request for participants - … Michael Hammer
- Re: [sacm] [scap-dev] Request for participants - … Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Sean Turner
- Re: [sacm] [scap-dev] Request for participants - … Halbardier, Adam [USA]
- Re: [sacm] [scap-dev] Request for participants - … Halbardier, Adam [USA]
- Re: [sacm] Request for participants - Content Rep… Chandrashekhar B
- Re: [sacm] Request for participants - Content Rep… Waltermire, David A.
- Re: [sacm] Request for participants - Content Rep… Luis Nunez
- Re: [sacm] Request for participants - Content Rep… Chandrashekhar B