IETF Logo Mail Archive

[sacm] FOR REVIEW: Vulnerability Assessment Scenario Issue #6 - Storage of Collected Data

"Haynes, Dan" <dhaynes@mitre.org> Wed, 18 May 2016 11:55 UTC

Return-Path: <dhaynes@mitre.org>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71DAA12D0EC for <sacm@ietfa.amsl.com>; Wed, 18 May 2016 04:55:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.625
X-Spam-Level:
X-Spam-Status: No, score=-5.625 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mitre.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XKYEgFYzzNFb for <sacm@ietfa.amsl.com>; Wed, 18 May 2016 04:55:09 -0700 (PDT)
Received: from smtpvmsrv1.mitre.org (smtpvmsrv1.mitre.org [192.52.194.136]) by ietfa.amsl.com (Postfix) with ESMTP id 362A112D0EA for <sacm@ietf.org>; Wed, 18 May 2016 04:55:09 -0700 (PDT)
Received: from smtpvmsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id DFF7B6C01BD for <sacm@ietf.org>; Wed, 18 May 2016 07:55:08 -0400 (EDT)
Received: from imshyb02.MITRE.ORG (imshyb02.mitre.org [129.83.29.3]) by smtpvmsrv1.mitre.org (Postfix) with ESMTP id CFCEF6C00C6 for <sacm@ietf.org>; Wed, 18 May 2016 07:55:08 -0400 (EDT)
Received: from imshyb02.MITRE.ORG (129.83.29.3) by imshyb02.MITRE.ORG (129.83.29.3) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Wed, 18 May 2016 07:55:08 -0400
Received: from gcc01-CY1-obe.outbound.protection.outlook.com (10.140.19.249) by imshyb02.MITRE.ORG (129.83.29.3) with Microsoft SMTP Server (TLS) id 15.0.1130.7 via Frontend Transport; Wed, 18 May 2016 07:55:08 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.onmicrosoft.com; s=selector1-mitre-org; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=0EcDPlRW/n4EtLG9SctJh3+gGbkHyTV9pgt68atDp48=; b=f+6MJvuxThs/MUdBxKvZW6nXbA04SF2bkygvtZ/d0C+yzhXNIm7lG2afJds6e473fWRhfdGEeww0GRPCnx99sNsbHwoHdBHdqEI9VSo6Zv7XAYDhfmxDMzY+DHbbsvjw0iRz3KY5oHGnL2ct4MR1jIvVXrsejmH0Bmi8lwJvQ6I=
Received: from BY2PR09MB1078.namprd09.prod.outlook.com (10.166.116.10) by BY2PR09MB1080.namprd09.prod.outlook.com (10.166.116.12) with Microsoft SMTP Server (TLS) id 15.1.497.12; Wed, 18 May 2016 11:55:07 +0000
Received: from BY2PR09MB1078.namprd09.prod.outlook.com ([10.166.116.10]) by BY2PR09MB1078.namprd09.prod.outlook.com ([10.166.116.10]) with mapi id 15.01.0497.019; Wed, 18 May 2016 11:55:06 +0000
From: "Haynes, Dan" <dhaynes@mitre.org>
To: "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: FOR REVIEW: Vulnerability Assessment Scenario Issue #6 - Storage of Collected Data
Thread-Index: AdGwcVmIpNQ56eowQhqVlJVqB7O8AA==
Date: Wed, 18 May 2016 11:55:06 +0000
Message-ID: <BY2PR09MB1078B4DDDE8F588B823F5232A5490@BY2PR09MB1078.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=mitre.org;
x-originating-ip: [192.160.51.87]
x-ms-office365-filtering-correlation-id: 3892211c-9388-4e91-e8de-08d37f13417c
x-microsoft-exchange-diagnostics: 1; BY2PR09MB1080; 5:zjWVAHYq2GQhbDP5UsmnU6f+k9sTU1joo5G/hoEAg/7yJiulDPGC0HOFQYb27t6kJVD2pzFd2MEKQA3VLMgVyJ/guTcmUYrdcsxRsvWt2YfaBdvaZdzNVcRh3XJ7oagXZqp6fzRCMgen2DtW2At0nA==; 24:z1ShbpufNg/vNt+tErGlwf+HuuQCF31cOkgYotZQRr/2lWm2LQXst5BJLHkEh6V+qufjiqz/JgZOGbegBDt0WBfTkYDinzPsUZ7T8zePHAY=; 7:2SQfiHV0YDPfnIlIvej2zmFC0Ebb3nq/TEM7ZcP/AeFLmH7Xm+NcJM7imQup50k8wkWeSrfmSxvwbv5jjkJKgwooKL1VzdqmoZMfuL4Lji2eLaPj6/18o9wLCo7svwOLZiqkCY7fOBhP3SlzOlJnpPr7E99OaWEZKmVcrhFATZhwbO/Zy4uhZpQ3iLFBqiNN
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY2PR09MB1080;
x-microsoft-antispam-prvs: <BY2PR09MB10801339E2E6D3963BA2072FA5490@BY2PR09MB1080.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6055026); SRVR:BY2PR09MB1080; BCL:0; PCL:0; RULEID:; SRVR:BY2PR09MB1080;
x-forefront-prvs: 0946DC87A1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(57704003)(5383002)(478694002)(15975445007)(5002640100001)(2900100001)(586003)(77096005)(122556002)(5003600100002)(9686002)(5008740100001)(10400500002)(790700001)(102836003)(87936001)(19617315012)(1220700001)(189998001)(16236675004)(6116002)(5004730100002)(3280700002)(110136002)(19625215002)(33656002)(66066001)(2906002)(74316001)(107886002)(54356999)(5630700001)(450100001)(50986999)(81166006)(2501003)(8936002)(5640700001)(99286002)(86362001)(19580395003)(229853001)(3846002)(2351001)(8676002)(19300405004)(76576001)(1730700003)(3660700001)(92566002); DIR:OUT; SFP:1101; SCL:1; SRVR:BY2PR09MB1080; H:BY2PR09MB1078.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BY2PR09MB1078B4DDDE8F588B823F5232A5490BY2PR09MB1078namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 May 2016 11:55:06.8245 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c620dc48-1d50-4952-8b39-df4d54d74d82
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR09MB1080
X-OriginatorOrg: mitre.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/sacm/VqKKoqPrIwnRAlkt6XHC1gAU3XA>
Subject: [sacm] FOR REVIEW: Vulnerability Assessment Scenario Issue #6 - Storage of Collected Data
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 May 2016 11:55:11 -0000

During yesterday's virtual interim meeting, we discussed various open issues with respect to the Vulnerability Assessment Scenario [1] as a result of feedback that we received on the draft which you can see here [2][3].  The slide's from the meeting can be found here [4].

One issue that we didn't have a chance to discuss, because we ran out of time, was whether or not we need to update text, such as the following, to account for the fact that in the SACM breakout session, during IETF 95 [5], the group seemed to be in agreement that SACM is primarily concerned with data-in-motion and not data-at-rest which could be left as an area where product vendors could differentiate themselves.


"Moreover, the scenario incorporates long-term storage of collected data, vulnerability description information, and assessment results in order to facilitate meaningful and ongoing reassessment."

So, this really breaks down into two questions.


1.       Is the WG in agreement that SACM is primarily focused on data-in-motion rather than data-at-rest as proposed during the breakout session?



2.       If so, do we need to update text (like above), in the Vulnerability Assessment Scenario, to de-emphasize the focus on the long-term storage of data?


If you have any thoughts on this issue, please provide feedback by May 31st.  We are planning to have an updated version of the scenario for June 8th.

Thanks,

Danny

[1] https://datatracker.ietf.org/doc/draft-coffin-sacm-vuln-scenario/
[2] https://github.com/sacmwg/vulnerability-scenario/pull/3
[3] https://www.ietf.org/mail-archive/web/sacm/current/msg03958.html
[4] https://datatracker.ietf.org/doc/slides-interim-2016-sacm-3-1/ (looks like the slides are not available just yet, but, I suspect they should be soon)
[5] https://www.ietf.org/mail-archive/web/sacm/current/msg03907.html

v2.23.0 | Report a Bug | By Email