[scap_interest] IETF 83 Birds of a Feather Session Preparation

Adam Montville <amontville@tripwire.com> Mon, 13 February 2012 22:16 UTC


You may recall that in November 2010 an IETF BoF was held with the goal of
introducing the IETF community to SCAP and, ultimately, to consider 1)
whether the technology was mature enough for standardization, and 2)
whether such standardization should take place under the auspices of the

On February 10, 2012 a Vendor Letter - signed by 16 executive-level
representatives - was sent to various SCAP stakeholders at NIST, DHS,
NCSC, and other US Government agencies.  The Vendor Letter (attached)
demonstrates a significant level of support among vendors for moving
security automation development to the IETF.

Now, we seek to schedule a WG-forming BoF session during IETF 83 in Paris.
As a WG-forming BoF, we will be discussing a charter, potential drafts,
and other important aspects concerning the possible move of security
automation development to the IETF.

I invite all vendors, government representatives, specification authors
and contributors to engage in a discussion on the scap_interest list (to
subscribe visit: https://www.ietf.org/mailman/listinfo/scap_interest).
Such discussion should occur before IETF 83 and cover what moving security
automation development to the IETF would mean, how a WG might be
structured, what a charter might look like, which specifications should be
first drafted, what pieces are missing, and how continuous monitoring
might additionally be included.


The following are areas of concern (in addition to what already exists in
the security automation domain today) we believe would be suitable for
furthering the security automation efforts on a global scale:

  * XCCDF 1.2.1
    * Alternate checking systems
    * Targeting and scheduling for interrogative checking systems
  * Security automation core elements
  * Risk scoring normalization and unification

NOTE: I originally sent this with multiple recipients, but that message
was held for moderation.  I'm "reposting" the message without the
additional recipients.


Adam W. Montville | Security and Compliance Architect

Direct: 503 276-7661
Mobile: 360 471-7815