Endpoint Security Posture Assessment: Enterprise Use Cases
draft-ietf-sacm-use-cases-10
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2015-09-08
|
10 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2015-08-17
|
10 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2015-08-10
|
10 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2015-07-02
|
10 | (System) | IANA Action state changed to No IC from In Progress |
2015-07-02
|
10 | (System) | IANA Action state changed to In Progress |
2015-07-02
|
10 | Cindy Morgan | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2015-07-02
|
10 | (System) | RFC Editor state changed to EDIT |
2015-07-02
|
10 | (System) | Announcement was received by RFC Editor |
2015-07-02
|
10 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent::AD Followup |
2015-07-02
|
10 | Amy Vezza | IESG has approved the document |
2015-07-02
|
10 | Amy Vezza | Closed "Approve" ballot |
2015-07-02
|
10 | Amy Vezza | Ballot approval text was generated |
2015-07-01
|
10 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2015-07-01
|
10 | David Waltermire | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2015-07-01
|
10 | David Waltermire | New version available: draft-ietf-sacm-use-cases-10.txt |
2015-04-09
|
09 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Revised I-D Needed from IESG Evaluation |
2015-04-09
|
09 | Alia Atlas | [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas |
2015-04-09
|
09 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko |
2015-04-08
|
09 | Amanda Baber | IANA Review state changed to IANA OK - No Actions Needed from Version Changed - Review Needed |
2015-04-08
|
09 | Joel Jaeggli | [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli |
2015-04-08
|
09 | Ben Campbell | [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell |
2015-04-08
|
09 | Stephen Farrell | [Ballot comment] - general: there seems to be no mention or consideration at all of privacy which I think is a significant flaw in this … [Ballot comment] - general: there seems to be no mention or consideration at all of privacy which I think is a significant flaw in this document. However, so long as privacy issues are considered in later documents, that's not a problem. It would be a problem if privacy were similarly ignored later on. As an example of why this matters, enterprises will have to adhere to privacy legislation in various jurisdictions which would for example introduce a data controller as a relevant entity to be considered (and that is not considered here). Once one collects e.g. log information about authentication times and locations then I suspect you need a data controller and you might have to delete that data or anonymise it or do other privacy friendly things with or to such data. I think for now, adding a statement that later documents will have to consider the privacy issues associated with these use cases would be a good idea that would be sufficient to ensure that it's not forgotten. Note: I do think it would be preferable if someone had (or still would) spend time on an analysis of the possible privacy considerations of some of these use-cases. I suspect those aren't as bad as may be feared and could perhaps be relatively easily covered in a few paragraphs, once that work has been done. (If doing that, please do not only consider the typical US private enterprise network scenario - those in other parts of the world and in non-profit or public service can differ significantly in privacy terms.) - 2.2.5 - I've been to places like that for research purposes (as stipulated here) and this use-case seems unrealistic to me. - section 4: I think you might end up need to consider the confidentiality and origin authentication of some of the data at rest as well as in transit. That could get tricky, but OTOH, if you have any conception of provenance and of privacy then it's likely to be needed. I'd say just adding a sentence here to recognise that that can also be an issue would be enough. - The secdir review [1] noted a bunch of nits. I didn't check if those have been fixed or not, but seems like a good idea. [1] https://www.ietf.org/mail-archive/web/secdir/current/msg05536.html |
2015-04-08
|
09 | Stephen Farrell | [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell |
2015-04-08
|
09 | Terry Manderson | [Ballot Position Update] New position, No Objection, has been recorded for Terry Manderson |
2015-04-08
|
09 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2015-04-08
|
09 | Alexey Melnikov | Request for Telechat review by GENART Completed: Ready. Reviewer: Alexey Melnikov. |
2015-04-08
|
09 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2015-04-07
|
09 | Kathleen Moriarty | IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead |
2015-04-02
|
09 | Jean Mahoney | Request for Telechat review by GENART is assigned to Alexey Melnikov |
2015-04-02
|
09 | Jean Mahoney | Request for Telechat review by GENART is assigned to Alexey Melnikov |
2015-03-24
|
09 | David Waltermire | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2015-03-24
|
09 | David Waltermire | New version available: draft-ietf-sacm-use-cases-09.txt |
2015-03-21
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Warren Kumari. |
2015-03-21
|
08 | Tero Kivinen | Request for Telechat review by SECDIR Completed: Has Nits. Reviewer: Warren Kumari. |
2015-03-21
|
08 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Warren Kumari |
2015-03-21
|
08 | Tero Kivinen | Request for Telechat review by SECDIR is assigned to Warren Kumari |
2015-03-19
|
08 | Tero Kivinen | Request for Last Call review by SECDIR Withdrawn. Reviewer: Scott Kelly. |
2015-03-16
|
08 | Kathleen Moriarty | Ballot has been issued |
2015-03-16
|
08 | Kathleen Moriarty | [Ballot Position Update] New position, Yes, has been recorded for Kathleen Moriarty |
2015-03-16
|
08 | Kathleen Moriarty | Created "Approve" ballot |
2015-03-16
|
08 | Kathleen Moriarty | Ballot writeup was changed |
2015-03-16
|
08 | (System) | IESG state changed to Waiting for AD Go-Ahead from In Last Call |
2015-03-13
|
08 | Kathleen Moriarty | Placed on agenda for telechat - 2015-04-09 |
2015-03-13
|
08 | Kathleen Moriarty | Changed consensus to Yes from Unknown |
2015-03-11
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Warren Kumari |
2015-03-11
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Warren Kumari |
2015-03-11
|
08 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2015-03-11
|
08 | Pearl Liang | IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-sacm-use-cases-08, which is currently in Last Call, and has the following comments: We understand that, upon approval of this … IESG/Authors/WG Chairs: IANA has reviewed draft-ietf-sacm-use-cases-08, which is currently in Last Call, and has the following comments: We understand that, upon approval of this document, there are no IANA Actions that need completion. While it is helpful for the IANA Considerations section of the document to remain in place upon publication, if the authors prefer to remove it, IANA doesn't object. If this assessment is not accurate, please respond as soon as possible. |
2015-03-05
|
08 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Scott Kelly |
2015-03-05
|
08 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Scott Kelly |
2015-03-04
|
08 | Jean Mahoney | Request for Last Call review by GENART is assigned to Alexey Melnikov |
2015-03-04
|
08 | Jean Mahoney | Request for Last Call review by GENART is assigned to Alexey Melnikov |
2015-03-02
|
08 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2015-03-02
|
08 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Endpoint Security Posture Assessment - … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Endpoint Security Posture Assessment - Enterprise Use Cases) to Informational RFC The IESG has received a request from the Security Automation and Continuous Monitoring WG (sacm) to consider the following document: - 'Endpoint Security Posture Assessment - Enterprise Use Cases' as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-03-16. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This memo documents a sampling of use cases for securely aggregating configuration and operational data and evaluating that data to determine an organization's security posture. From these operational use cases, we can derive common functional capabilities and requirements to guide development of vendor-neutral, interoperable standards for aggregating and evaluating data relevant to security posture. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-sacm-use-cases/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-sacm-use-cases/ballot/ No IPR declarations have been submitted directly on this I-D. |
2015-03-02
|
08 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2015-03-02
|
08 | Amy Vezza | Last call announcement was generated |
2015-03-01
|
08 | Kathleen Moriarty | Last call was requested |
2015-03-01
|
08 | Kathleen Moriarty | Ballot approval text was generated |
2015-03-01
|
08 | Kathleen Moriarty | IESG state changed to Last Call Requested from Publication Requested |
2015-03-01
|
08 | Kathleen Moriarty | Intended Status changed to Informational from None |
2015-03-01
|
08 | Kathleen Moriarty | As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated … As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated 24 February 2012. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Informational. The document describes use cases, so the status seems appropriate. It is mentioned in the header. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This memo documents a sampling of use cases for securely aggregating configuration and operational data and evaluating that data to determine an organization's security posture. From these operational use cases, we can derive common functional capabilities and requirements to guide development of vendor-neutral, interoperable standards for aggregating and evaluating data relevant to security posture. Working Group Summary The working group paid a lot of attention to this document because it was considered as important for the definition of the scope, requirements and solution architecture for SACM. It was reviewed carefully and discussed in details in meetings and on the mail list by a large number of participants. The resulting work reflects a solid consensus. Document Quality There is a sound interest in SACM, and this is the first WG document. the reviews and discussions were solid and in depth. Using some kind of formal language was considered but eventually the WG had strong consensus for the current (plain English) was of expressing the use cases. Personnel Dan Romascanu is the document shepherd. Kathleen Moriarty is the responsible AD. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. I have reviewed carefully every version of this document, including the one now submitted for publication. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. Yes. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been submitted (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is a solid consensus to publish this document as well as a healthy participation in the WG . (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No poblems. idnits only indicates a date-in-the-past warning and one false alarm on references. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. not applicable (13) Have all references within this document been identified as either normative or informative? yes (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? no (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. no (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. no (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). The IANA Considerations section is null in content (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. not applicable (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. not applicable |
2015-03-01
|
08 | Kathleen Moriarty | IESG state changed to Publication Requested from AD is watching |
2015-03-01
|
08 | Kathleen Moriarty | Last call announcement was generated |
2015-02-26
|
08 | Kathleen Moriarty | Ballot writeup was changed |
2015-02-26
|
08 | David Waltermire | New version available: draft-ietf-sacm-use-cases-08.txt |
2015-02-26
|
07 | Kathleen Moriarty | IESG state changed to AD is watching from Publication Requested |
2015-02-16
|
07 | Kathleen Moriarty | Tag Revised I-D Needed - Issue raised by AD set. |
2014-11-05
|
07 | Kathleen Moriarty | Ballot writeup was changed |
2014-11-05
|
07 | Kathleen Moriarty | Ballot writeup was generated |
2014-11-05
|
07 | Kathleen Moriarty | Last call announcement was generated |
2014-09-18
|
07 | Dan Romascanu | As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated … As required by RFC 4858, this is the current template for the Document Shepherd Write-Up. Changes are expected over time. This version is dated 24 February 2012. (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Informational. The document describes use cases, so the status seems appropriate. It is mentioned in the header. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary This memo documents a sampling of use cases for securely aggregating configuration and operational data and evaluating that data to determine an organization's security posture. From these operational use cases, we can derive common functional capabilities and requirements to guide development of vendor-neutral, interoperable standards for aggregating and evaluating data relevant to security posture. Working Group Summary The working group paid a lot of attention to this document because it was considered as important for the definition of the scope, requirements and solution architecture for SACM. It was reviewed carefully and discussed in details in meetings and on the mail list by a large number of participants. The resulting work reflects a solid consensus. Document Quality There is a sound interest in SACM, and this is the first WG document. the reviews and discussions were solid and in depth. Using some kind of formal language was considered but eventually the WG had strong consensus for the current (plain English) was of expressing the use cases. Personnel Dan Romascanu is the document shepherd. Kathleen Moriarty is the responsible AD. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. I have reviewed carefully every version of this document, including the one now submitted for publication. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why. Yes. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been submitted (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is a solid consensus to publish this document as well as a healthy participation in the WG . (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No. (11) Identify any ID nits the Document Shepherd has found in this document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. No poblems. idnits only indicates a date-in-the-past warning and one false alarm on references. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. not applicable (13) Have all references within this document been identified as either normative or informative? yes (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? no (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. no (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. no (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). The IANA Considerations section is null in content (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. not applicable (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. not applicable |
2014-09-18
|
07 | Dan Romascanu | State Change Notice email list changed to sacm-chairs@tools.ietf.org, draft-ietf-sacm-use-cases@tools.ietf.org |
2014-09-18
|
07 | Dan Romascanu | Responsible AD changed to Kathleen Moriarty |
2014-09-18
|
07 | Dan Romascanu | IETF WG state changed to Submitted to IESG for Publication from WG Document |
2014-09-18
|
07 | Dan Romascanu | IESG state changed to Publication Requested |
2014-09-18
|
07 | Dan Romascanu | IESG process started in state Publication Requested |
2014-09-18
|
07 | Dan Romascanu | Changed document writeup |
2014-09-18
|
07 | Dan Romascanu | Document shepherd changed to Dan Romascanu |
2014-04-28
|
07 | David Waltermire | New version available: draft-ietf-sacm-use-cases-07.txt |
2014-03-03
|
06 | David Waltermire | New version available: draft-ietf-sacm-use-cases-06.txt |
2014-01-06
|
05 | Cindy Morgan | This document now replaces draft-waltermire-sacm-use-cases instead of None |
2013-11-20
|
05 | David Waltermire | New version available: draft-ietf-sacm-use-cases-05.txt |
2013-10-21
|
04 | David Harrington | New version available: draft-ietf-sacm-use-cases-04.txt |
2013-10-19
|
03 | David Harrington | New version available: draft-ietf-sacm-use-cases-03.txt |
2013-10-14
|
02 | David Harrington | New version available: draft-ietf-sacm-use-cases-02.txt |
2013-09-11
|
01 | David Waltermire | New version available: draft-ietf-sacm-use-cases-01.txt |
2013-08-22
|
00 | David Waltermire | New version available: draft-ietf-sacm-use-cases-00.txt |