Reported By: Blake Frantz and Joshua Lubell
Editorialized By: Adam Montville

Present:
  Adam Montville
  Brian Ford
  Blake Frantz
  Dan Romascanu
  Dave Waltermire
  Danny Hanyes
  Jarrett Lu
  Jim Bieda
  Jon Baker
  Josh Lubell
  Kathleen Moriarty
  Lisa Lorenzin
  Luiz Nunez
  Matt Hansbury
  Nancy Cam-Winget
  Take
  Trevor Freeman

WG Status: Dan Romascanu
- Milestones are not progressing as planned.
  - Red - Initial submission for protocol or data format for retrieving configuration and policy info.
  - Red - Initial submission for protocol or data format for collecting endpoint posture ID.
  - Group will negotiate new milestone dates with Area Director
- Way Forward
  - Red - Requirements Update Submitted
  - Red - Adopt Requirements ID
- Merge Requirements?
  - DanR indicated merging requirements and architecture docs may be best.
  - DaveW agrees we should consider merging requirements and architecture doc, but only after there is consensus on the architecture.

Note: the above agreement to combine drafts was changed later in the meeting.

Terminology: Nancy Cam-Winget
- The following updates were made in SACM terminology draft 03:
  - Removed dangling terms
  - Added pre-defined terms to section 2.1 and 2.2
  - Added RFC 3444 as informative reference
- Posture and Posture Attributes
  There was a discussion with respect to "posture attribute" vs. "posture". A "posture attribute" is a single property of an observed state, and there is a differentiation between states that are "explicitly observable" versus those that are "derived by inference" (i.e. infected by malware). There was some preference for terminology that supports both the state of that which is explicitly observable and that which is derived. For example, anti-virus is enabled given the observed state of a particular Windows registry key. Updates will be made to the terminology draft and confirmed on the list.
- Contention on terms such as: misconfiguration, compliant, vulnerability, remediation, etc.
  The discussion around these "upleveled" terms concluded with the general agreement to remove them and to keep, as the terms with which we are concerned, those that are not terms of "art". The terms "remediate", "compliant", "vulnerability", and other terms of art will be removed from the terminology draft, and more generic terms, such as "correct" and "mismatch", will be considered when necessary. This is in part because when the expected state does not equal the collected state, it could represent a misconfiguration, a vulnerability, or a compliance issue. But all are a "mismatch".
- Linking SACM terminology to MILE, OpenIOC, and STIX (or others):
  This was a brief discussion ending in a deferral until we see information models, which may be the best source for discovering such links.

Use Cases: David Waltermire
The latest revision (-07) was updated two days prior to the interim and addressed all of the open issues, and the draft is quite stable. The major changes in -07 were an update to section 2.1.2 and an elimination of section 2.1.5 by merging it with 2.1.4.

There was some concern posted to the list after the update and before the interim about the term "proprietary attributes" as used in the use case draft. The concern is that the term may not be "vendor neutral". The group agreed that the goal is a framework that can be modularized and extended and agreed to change "proprietary attributes" to "extended attributes".

The use case document is ready for WGLC as proposed by Dan Romascanu and agreed to by Nancy Cam-Winget, Jim Bieda, Dave Waltermire, and Adam Montville.

Requirements: Nancy Cam-Winget
Requirements draft updates have not been progressing as fast as planned, and an informal editorial meeting will be arranged at some point over the next several weeks to improve progress, particularly for architecture-related work.
Use case elaboration will be "flipped" with requirement descriptions for readability (i.e. lead with requirements and then explain link to use cases).

The group discussed testability of requirements based on a list-posed question. We discussed what level of testability we're looking for and ultimately arrived at the general agreement that we're looking for more specific requirements that can be tested in terms of architectures meeting the requirements. Specifically, Lisa Lorenzin posited three levels for extensibility, as an example:
  1. "Must be extensible" - more abstract
  2. "Must have extensible transport protocols, query languages, etc." - more specific
  3. "Must be extensible in the specific operations of transport, query language, etc." - even more specific

There was general agreement that we should focus on the details around the second level rather than on those of the more abstract or more detailed levels. Lisa agreed to contribute language to this effect in the requirements document. Others are encouraged to contribute as well.

The requirements, as written, will likely result in more than just one "information model" I-D.

Additional questions were discussed around use of the term "asynchronous", especially as it is used in REQ-007 of -03 of the requirements draft. Again, an update to the draft will be made to clarify the meaning of synchronous and asynchronous, especially as it pertains to REQ-006 and REQ-007 of the requirements draft. Participation in this update is welcomed.

A similar discussion ensued pertaining to G-008 of the requirements draft, which was centered around use of the term "role" and its tight association with RBAC. We also agreed to move G-007 (authorization) from requirements to Security Considerations.

Nearer the end of the meeting, the group agreed that pulling the architecture description out of the requirements draft is needed.

TNC Architecture: Lisa Lorenzin
Trusted Network Connect - developed by Trusted Computing Group.
Specific details can be found in the TNC slide presentation and also in the contributed I-D draft-shah-sacm-tnc-architecture-00. Lisa had to move quickly through the architecture description due to time constraints and fielded a couple of questions. Discussion will continue on the list.

Call for Contributions: Dan Romascanu
Dan discussed the state of the call for contributions and pointed out that he added ISO/IEC JTC1 SC7, SC27, and TCG to addressees. The suggestion for being more specific with the call for contributions was addressed and determined to be left as-is.

Way Forward:
- Avoid Serialization
- New Milestones:
  - 2014-04-30 - Use Case WGLC
  - 2014-05-25 - Requirements Update Submitted
  - 2014-05-25 - Terminology Update
  - 2014-05-25 - Architecture I-D Submitted
  - 2014-06-15 - Adopt Requirements I-D
  - 2014-06-30 - Adopt Architecture I-D
  - 2014-07-04 - Initial Submissions for the Information Model
- Interim meeting to be held last week of May / 1st week of June