Re: [scap_interest] Operational Aspects
Adam Montville <amontville@tripwire.com> Thu, 16 February 2012 17:56 UTC
Return-Path: <amontville@tripwire.com>
X-Original-To: scap_interest@ietfa.amsl.com
Delivered-To: scap_interest@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2567721F883A for <scap_interest@ietfa.amsl.com>; Thu, 16 Feb 2012 09:56:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.307
X-Spam-Level:
X-Spam-Status: No, score=-4.307 tagged_above=-999 required=5 tests=[AWL=-0.708, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VyS2TdT99hTB for <scap_interest@ietfa.amsl.com>; Thu, 16 Feb 2012 09:56:30 -0800 (PST)
Received: from DB3EHSOBE005.bigfish.com (db3ehsobe002.messaging.microsoft.com [213.199.154.140]) by ietfa.amsl.com (Postfix) with ESMTP id 6093B21F87EC for <scap_interest@ietf.org>; Thu, 16 Feb 2012 09:56:30 -0800 (PST)
Received: from mail62-db3-R.bigfish.com (10.3.81.253) by DB3EHSOBE005.bigfish.com (10.3.84.25) with Microsoft SMTP Server id 14.1.225.23; Thu, 16 Feb 2012 17:56:29 +0000
Received: from mail62-db3 (localhost [127.0.0.1]) by mail62-db3-R.bigfish.com (Postfix) with ESMTP id 4694F4A02A1; Thu, 16 Feb 2012 17:56:29 +0000 (UTC)
X-SpamScore: -36
X-BigFish: VPS-36(zzbb2dI9371I1432N1418M98dKzz1202hzz1033IL8275bh8275dhz2dh2a8h668h839h946h)
X-Forefront-Antispam-Report: CIP:174.47.84.216; KIP:(null); UIP:(null); IPV:NLI; H:PDXHB01.tripwire.com; RD:174-47-84-216.static.twtelecom.net; EFVD:NLI
Received: from mail62-db3 (localhost.localdomain [127.0.0.1]) by mail62-db3 (MessageSwitch) id 1329414986989966_27958; Thu, 16 Feb 2012 17:56:26 +0000 (UTC)
Received: from DB3EHSMHS018.bigfish.com (unknown [10.3.81.236]) by mail62-db3.bigfish.com (Postfix) with ESMTP id E5728480263; Thu, 16 Feb 2012 17:56:26 +0000 (UTC)
Received: from PDXHB01.tripwire.com (174.47.84.216) by DB3EHSMHS018.bigfish.com (10.3.87.118) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 16 Feb 2012 17:56:26 +0000
Received: from PDXHB01.tripwire.com (172.30.0.53) by PDXED01.tripwire.com (192.168.192.5) with Microsoft SMTP Server (TLS) id 14.1.355.2; Thu, 16 Feb 2012 10:05:08 -0800
Received: from PDXMB02.tripwire.com ([fe80::f997:7b65:8e64:438e]) by PDXHB01.tripwire.com ([fe80::d495:98d2:7df4:2154%11]) with mapi id 14.01.0355.002; Thu, 16 Feb 2012 09:56:23 -0800
From: Adam Montville <amontville@tripwire.com>
To: Luis Nunez <lnunez@c3isecurity.com>
Thread-Topic: [scap_interest] Operational Aspects
Thread-Index: AQHM611pUdMxDo8SrEm/UADfFmLhZ5Y9b7oA//+GooCAA2EKgP//enOA
Date: Thu, 16 Feb 2012 17:56:22 +0000
Message-ID: <CB62830E.950B%amontville@tripwire.com>
In-Reply-To: <27F65864-3773-40C9-BB6F-8909CB0E94AD@c3isecurity.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.14.0.111121
x-originating-ip: [172.30.0.234]
x-exclaimer-md-config: 79afcaa7-fdf4-4fa6-abe0-afeaa4640a4f
Content-Type: text/plain; charset="Windows-1252"
Content-ID: <AC033AA2291439468CC8C6153D4CE050@tripwire.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: tripwire.com
Cc: "scap_interest@ietf.org" <scap_interest@ietf.org>
Subject: Re: [scap_interest] Operational Aspects
X-BeenThere: scap_interest@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <scap_interest.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scap_interest>
List-Post: <mailto:scap_interest@ietf.org>
List-Help: <mailto:scap_interest-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scap_interest>, <mailto:scap_interest-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Feb 2012 17:56:35 -0000
Red Hat might have one for their systems as well. Also, I think that continuous monitoring has an important role to play here with their content repository interface specifications. Adam On 2/16/12 9:54 AM, "Luis Nunez" <lnunez@c3isecurity.com> wrote: >Since you mentioned "NVD" also known as the National Vulnerability >Database. I think at some point the IETF will be helpful in creating a >protocol to communicate with these content repositories. Last I counted >was 7 content repositories. >In no particular order and I am sure there are more out there. > >-SecPod >-Novell >-NVD >-IT Security Database >-Debian >-Altx-soft > >-ln > > >On Feb 14, 2012, at 5:18 PM, Adam Montville wrote: > >> Fair enough. Just throwing things against the wall as they come to >>mind. >> >> Adam >> >> From: kent_landfield >><kent_landfield@mcafee.com<mailto:kent_landfield@mcafee.com>> >> Date: Tue, 14 Feb 2012 15:32:38 -0600 >> To: Adam Montville >><amontville@tripwire.com<mailto:amontville@tripwire.com>>, >><scap_interest@ietf.org<mailto:scap_interest@ietf.org>> >> Subject: Re: [scap_interest] Operational Aspects >> >> Adam, >> >> We have more than enough on our plate with the specification / I-D >>work. Let's see if we can deal with this in a more appropriate forum. I >>do not see this as that forum. My 2centsÅ >> >> Thanks. >> >> Kent Landfield >> Director Content Strategy, Architecture and Standards >> >> McAfee | An Intel Company >> 5000 Headquarters Dr. >> Plano, Texas 75024 >> >> Direct: +1.972.963.7096 >> Mobile: +1.817.637.8026 >> Web: www.mcafee.com<http://www.mcafee.com/> >> >> From: Adam Montville >><amontville@tripwire.com<mailto:amontville@tripwire.com>> >> Date: Tue, 14 Feb 2012 15:12:51 -0600 >> To: "scap_interest@ietf.org<mailto:scap_interest@ietf.org>" >><scap_interest@ietf.org<mailto:scap_interest@ietf.org>> >> Subject: [scap_interest] Operational Aspects >> >> While we're all bantering about on security automation, there's another >>side to the story. Are there any operational concerns we might address >>within a WG should one be formed? For example, we have, in the United >>States, NVD hosting a repository of information. CCE identifiers are >>moderated and assigned by an operational process. As new enumerations >>are published and new types of content are conceived, it's easy to >>imagine the need for some operational standardization. >> >> Should we consider standardizing some of these processes, and if so >>would the WG we seek to establish be the appropriate place for that work? >> >> Regards, >> >> Adam W. Montville | Security and Compliance Architect >> >> Direct: 503 276-7661 >> Mobile: 360 471-7815 >> >> TRIPWIRE | Take CONTROL >> http://www.tripwire.com >> >> _______________________________________________ >> scap_interest mailing list >> scap_interest@ietf.org<mailto:scap_interest@ietf.org> >> https://www.ietf.org/mailman/listinfo/scap_interest >> >> >> _______________________________________________ >> scap_interest mailing list >> scap_interest@ietf.org >> https://www.ietf.org/mailman/listinfo/scap_interest > >
- [scap_interest] Operational Aspects Adam Montville
- Re: [scap_interest] Operational Aspects Kent_Landfield
- Re: [scap_interest] Operational Aspects Adam Montville
- Re: [scap_interest] Operational Aspects Luis Nunez
- Re: [scap_interest] Operational Aspects Adam Montville
- Re: [scap_interest] Operational Aspects Gunnar Engelbach
- Re: [scap_interest] Operational Aspects Kent_Landfield
- Re: [scap_interest] Operational Aspects Waltermire, David A.
- Re: [scap_interest] Operational Aspects Adam Montville
- Re: [scap_interest] Operational Aspects Waltermire, David A.
- Re: [scap_interest] Operational Aspects Chandrashekhar B
- Re: [scap_interest] Operational Aspects Jerome Athias