[sacm] Charter Including Sean's Changes
Stephen Hanna <shanna@juniper.net> Thu, 24 January 2013 18:02 UTC
Return-Path: <shanna@juniper.net>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB81121F86D9 for <sacm@ietfa.amsl.com>; Thu, 24 Jan 2013 10:02:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.467
X-Spam-Level:
X-Spam-Status: No, score=-103.467 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNRESOLVED_TEMPLATE=3.132, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H+zsmk0GAdjg for <sacm@ietfa.amsl.com>; Thu, 24 Jan 2013 10:02:46 -0800 (PST)
Received: from exprod7og127.obsmtp.com (exprod7og127.obsmtp.com [64.18.2.210]) by ietfa.amsl.com (Postfix) with ESMTP id A3C3621F86CC for <sacm@ietf.org>; Thu, 24 Jan 2013 10:02:46 -0800 (PST)
Received: from P-EMHUB03-HQ.jnpr.net ([66.129.224.36]) (using TLSv1) by exprod7ob127.postini.com ([64.18.6.12]) with SMTP ID DSNKUQF3RhKVm+5V83Zg16ChiLysrq6Cs8C2@postini.com; Thu, 24 Jan 2013 10:02:46 PST
Received: from P-CLDFE01-HQ.jnpr.net (172.24.192.59) by P-EMHUB03-HQ.jnpr.net (172.24.192.37) with Microsoft SMTP Server (TLS) id 8.3.213.0; Thu, 24 Jan 2013 10:01:01 -0800
Received: from o365mail.juniper.net (207.17.137.224) by o365mail.juniper.net (172.24.192.59) with Microsoft SMTP Server id 14.1.355.2; Thu, 24 Jan 2013 10:01:01 -0800
Received: from db3outboundpool.messaging.microsoft.com (213.199.154.143) by o365mail.juniper.net (207.17.137.224) with Microsoft SMTP Server (TLS) id 14.1.355.2; Thu, 24 Jan 2013 10:09:00 -0800
Received: from mail84-db3-R.bigfish.com (10.3.81.248) by DB3EHSOBE008.bigfish.com (10.3.84.28) with Microsoft SMTP Server id 14.1.225.23; Thu, 24 Jan 2013 18:00:59 +0000
Received: from mail84-db3 (localhost [127.0.0.1]) by mail84-db3-R.bigfish.com (Postfix) with ESMTP id F4029E0108 for <sacm@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Thu, 24 Jan 2013 18:00:58 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.56.236.101; KIP:(null); UIP:(null); (null); H:BY2PRD0510HT004.namprd05.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: -21
X-BigFish: PS-21(zzc85fh4015Izz1ee6h1de0h1202h1e76h1d1ah1d2ahzz1033IL17326ah8275dh8275bhz2dh2a8h668h839hd25hf0ah1288h12a5h12bdh137ah1441h1504h1537h153bh15d0h162dh1631h1758h18e1h34h1155h)
Received: from mail84-db3 (localhost.localdomain [127.0.0.1]) by mail84-db3 (MessageSwitch) id 1359050456348061_5655; Thu, 24 Jan 2013 18:00:56 +0000 (UTC)
Received: from DB3EHSMHS013.bigfish.com (unknown [10.3.81.242]) by mail84-db3.bigfish.com (Postfix) with ESMTP id 52029200255 for <sacm@ietf.org>; Thu, 24 Jan 2013 18:00:56 +0000 (UTC)
Received: from BY2PRD0510HT004.namprd05.prod.outlook.com (157.56.236.101) by DB3EHSMHS013.bigfish.com (10.3.87.113) with Microsoft SMTP Server (TLS) id 14.1.225.23; Thu, 24 Jan 2013 18:00:55 +0000
Received: from BY2PRD0510MB366.namprd05.prod.outlook.com ([169.254.5.218]) by BY2PRD0510HT004.namprd05.prod.outlook.com ([10.255.84.39]) with mapi id 14.16.0257.004; Thu, 24 Jan 2013 18:00:54 +0000
From: Stephen Hanna <shanna@juniper.net>
To: "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: Charter Including Sean's Changes
Thread-Index: Ac36XMAc2UqnV+ShSVeQRpFkhpqAwA==
Date: Thu, 24 Jan 2013 18:00:54 +0000
Message-ID: <F1DFC16DCAA7D3468651A5A776D5796E069B5E8F@BY2PRD0510MB366.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [66.129.232.2]
Content-Type: multipart/mixed; boundary="_002_F1DFC16DCAA7D3468651A5A776D5796E069B5E8FBY2PRD0510MB366_"
MIME-Version: 1.0
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
X-FOPE-CONNECTOR: Id%12219$Dn%IETF.ORG$RO%2$TLS%5$FQDN%onpremiseedge-1018244.customer.frontbridge.com$TlsDn%o365mail.juniper.net
Subject: [sacm] Charter Including Sean's Changes
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion List for IETFers interested in the Security Content Automation Protocol \(SCAP\)." <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sacm>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2013 18:02:47 -0000
Here (below and attached) is a charter that includes the changes suggested by Sean Turner. At least, this is my interpretation of Sean's suggestions. Comments most welcome! Thanks, Steve ---------- Proposed Working Group Charter Name: Security Automation and Continuous Monitoring (SACM) AREA: Security Chairs: TBD TBD Security Area Directors: Stephen Farrell <stephen.farrell at cs.tcd.ie> Sean Turner <turners at ieca.com> Security Area Advisor: Sean Turner <turners at ieca.com> Mailing Lists: General Discussion: sacm at ietf.org To Subscribe: http://www.ietf.org/mailman/listinfo/sacm Archive: http://www.ietf.org/mail-archive/web/sacm Description of Working Group Securing information and the systems that store, process, and transmit that information is a challenging task for organizations of all sizes, and many security practitioners spend most of their time on manual processes relegating them to ineffectiveness. The key to escaping this rut is security automation to collect, verify, and update system configurations with the ability to prioritize risk based on timely information about threats. This working group will develop security automation protocols and data format standards in support of information security processes and practices. These standards will help security practitioners to be more effective by automating routine tasks related to client and server security freeing them to focus on more advanced tasks. The initial focus of this work is to address enterprise use cases pertaining to the assessment of endpoint posture (using the definitions of Endpoint and Posture from RFC 5209). The working group will, whenever reasonable and possible, reuse existing protocols and mechanisms. Of particular interest to this working group are the security automation specifications supporting asset, change, configuration, and vulnerability management. There are multiple categories of problems in the security automation realm: enabling interoperable data exchanges through standardized protocols, defining expressions for particular domain concepts (i.e. data formats), establishing a standards-based foundation supporting the curation and exchange of security automation content collections in content repositories, and enabling interoperability through the development and use of standard interfaces and communication protocols. Content based on rich and extensible data standards and protocols will provide the authoritative instructions needed by data-driven tools to enable the automated collection of configuration and vulnerability data pertaining to enterprise assets. Information produced by these tools will provide accurate and timely situational awareness in support of organizational decision making. The data exchange protocols will need to support several exchange types including requesting assessments and reporting on assessment results. Exchanging information across organizational boundaries will not be within scope for this effort at this time. This working group will provide solutions to these categories of problems and the main areas of focus for this working group are described as follows: 1. A set of standards to enable assessment of endpoint posture. This area of focus provides for necessary language and data format specifications. 2. A set of standards for interacting with repositories of content related to assessment of endpoint posture. This working group will achieve the following milestones: - An Informational document on Use Cases and Requirements - An Informational document on SACM Architecture - A Standards Track document to define a protocol for interacting with content repositories - Standards Track documents specifying communication protocols and data formats used for assessment of endpoint posture After these work items have been submitted to and approved by the IESG, the WG will recharter or close.
- [sacm] Charter Including Sean's Changes Stephen Hanna
- Re: [sacm] Charter Including Sean's Changes Sean Turner
- Re: [sacm] Charter Including Sean's Changes Sean Turner
- Re: [sacm] Charter Including Sean's Changes Waltermire, David A.
- Re: [sacm] Charter Including Sean's Changes Romascanu, Dan (Dan)