MILE WG
March 27, 2017
1520 - 1650
Co-chairs: Takeshi Takahashi and Nancy Cam-Winget
Sec: David Waltermire
Notetaker and jabber scribe: Chris Inacio and Roman Danyliw
==============


MILE status
-----------
slides:
https://www.ietf.org/proceedings/98/slides/slides-98-mile-status-update-02
.pdf
presenters: chairs

The co-chairs summarized the status of the working group.
  - IODEF - finished
  - ROLIE - WGLC on ROLIE
  - XMPP-draft - not a lot of feedback


Rolie draft status
------------------
slides:
https://www.ietf.org/proceedings/98/slides/slides-98-mile-draft-ietf-mile-
rolie-00.pdf
drafts: draft-ietf-mile-rolie-05
        draft-banghart-mile-rolie-csirt-00
presenters: David Waltermire and Stephen Banghart

Banghart summarized recent changes to draft-ietf-mile-rolie-05.
The co-authors believe the draft is complete, and recommend restarting the
WGLC in order for the recent changes to be reviewed by the WG.

Per draft-banghart-mile-rolie-csirt-00, Banghart has requested additional
reviewer.

S. Banghart - CSIRT extension and Software Descriptor (SACM) ROLIE extensions need SME review
S. Banghart - planning additional extension documents: Checklists, Vulnerabilities.
A. Montville - Checklists almost ready to submit; likely to work on vulnerabilties as well.
S. Banghart - Can use existing template to add more as well.

Comment: (A. Montville): We are already working on checklists for
benchmark data and will be working on vulnerability info too.

Q: (T. Takahashi) what happens if the service document location is different given in the HTML.
A: (S. Banghart) the documented URL shoudl exist, even if it just redirects.
A: (D. Waltermire) Could the HEAD request point to ROILE service.  Yes.
There is also a URL template that can be used.  Using the URL template all
you need to know is the server and the rest can be discovered.  We believe
that to be valuable as no other interaction with other services.
A: (T. Takahashi): If they are not the same, which one should be
trusted?
A: (S. Banghart) The one that resolves from the URL template should
be considered normative.

Q: (N. Cam-Winget): Who has read the latest draft?  Who would volunteer
to read it?
A: (N. Cam-Winget): I see Adam Montville, Roman Danyliw, Chris Inacio,
and Panos Kampanakis volunteering.

S. Banghart - CSIRT draft, still in progress, will have 01 or 02 before next IETF.
D. Waltermire - most changes are making sure changes are in sync with core ROLIE updates.

Guidance draft status
---------------------
slides:
https://www.ietf.org/proceedings/98/slides/slides-98-mile-draft-ietf-mile-
iodef-guidance-00.pdf
draft: draft-ietf-mile-iodef-guidance-06
presenter: Mio Suzuki

Suzuki summarized recent changes to draft-ietf-mile-iodef-guidance-06.

Q: (N. Cam-Winget) It doesn't appear that the changes are significant.
Could I get volunteers for a review?
A: (N. Cam-Winget): I see Roman Danyliw, Adam Montville, and Chris
Inacio

Per XMPP
---------
Q: (N. Cam-Winget): To the AD, since we only got one reviewer for XMPP
(Chris Inacio) during WGLC, what do we do?
A: (Kathleen Moriarty): I'd like more reviews since there is running code.
I could extend the IETF WGLC, WGLC and SAAG.
A: (Kathleen Moriarty): How many separate implementations?
A: (N. Cam-Winget): 1 server but 20 clients to server under protocol in use.  It's also being discussed in OASIS for STIX/TAXI
A: (Kathleen Moriarty): Let's continue with another WGLC and an extended
review by the other reviews.