Skip to main content

Minutes IETF103: sacm
minutes-103-sacm-00

Meeting Minutes Security Automation and Continuous Monitoring (sacm) WG
Title Minutes IETF103: sacm
State Active
Other versions plain text
Last updated 2018-12-13

minutes-103-sacm-00
IETF103 SACM

Note well displayed
Agenda bashing

ROLIE Software Descriptor – Draft author unavailable for update this meeting. 
Waiting on a small change based on a media-type registration for a final edit
to complete document and submit.

Architecture draft: no update since September.  Would like to get more reviews,
can discuss at next virtual interim.

Terminology: Henk reports pending adoption of architecture document, will
postpone making any more updates.  Requests review of the new and compare with
the old to assess whether the new addresses our need.  Terminology is still on
modular concept originally proposed; hard to generalize specific term making it
harder to reconcile current terminology with new architecture draft. Henk
describes some of the concerns. Working group will need to agree to an
achitecture to ensure alignment to the terminology work.

Concise Software Identifiers: update from Henk. Only 1 remaining issue open,
the other show open but believe they've been addressed but needs feedback. Last
issue is about representation of media.  Provided CDDL representation based on
ISO draft, it is up to authors to validate as no one else seems to be familiar
with this structure. Working group needs additional reviews of this draft. 
Small number of remaining issues are complex and need careful review.  Review
to be discussed at virtual interim. Frank volunteered to do a review.

ECP update: - update recieved, there are changes to be posted based on
terminology and wants another round of review.

Data Model of Network Infrastructure Device Data Plane Security Baseline
presented by Wei Pan:
    - defines purpose of draft is to define minimum set of configuration and
    status.
Working group working to understand the fit of this work in the context of the
other drafts in the working group.  This -might- align with work on collecting
telemtry via YANG Push.  Still to be determined.

NEtwork Infrastructure Dev Mgmt Plane Sec Baseline by Jessica
- Recaps draft is to provide security baselie for nw infr dev mgmt plane
represented as a Yang model - Updates to the last draft: removed content to -
Reduced Yang model and updates to the module to accomodate posture vs.
configuration so removed some of the configuration especially on the -
editorial updates

Discussion about an information model and possible data models was had.  The
information model is an adopted document, but has since expired.

Working group discussed milestones, documents, and dates.
Chairs will schedule 3 virtual interims, stay tuned for doodle pooling for
dates. Working group also agreed that work in the hackathon's produced good
feedback and direction for the group at large.