Minutes interim-2020-sacm-02: Tue 13:00
minutes-interim-2020-sacm-02-202010201300-00

Meeting Minutes Security Automation and Continuous Monitoring (sacm) WG
Title Minutes interim-2020-sacm-02: Tue 13:00
State Active
Other versions plain text
Last updated 2020-11-15

Meeting Minutes
minutes-interim-2020-sacm-02-202010201300

SACM virtual interim minutes
# SACM Virtual Interim
October 20, 2020

## Attendees
* Karen Odonoghue
* Chris Inacio
* Bill Munyan
* Jessica Fitzgerald-McKay
* Peter Yee
* Adam Montville
* Michael Richardson
* Henk Birkholz
* Roman Danyliw

## Concise Software Identification Tags
* document: draft-ietf-sacm-coswid-15
* status: awaiting response to AD Review

Henk: Thanks for the feedback.  The document authors are working through the
Roman Danyliw's AD feedback and Thomas Fossati's implementation feedback. An
update is expected before the IETF 109 draft cut-off.

Karen: As a process check, if changes from Thomas are really significant, does
it need to brought to the WG? ** Roman: It's a judgement call based on the
scope of the change.  We can informally consult the WG if needed despite it
being in AD review.

## Endpoint Posture Collection Profile
* document: draft-ietf-sacm-epcp-01
* status: awaiting response to AD Review

Jessica: I would like feedback from the WG on stopping the work based on the
extensive AD review.  Likewise, there continues to be ongoing discussion on
what is the document and the value it provides given the long duration to get
this published. * Karen: does anyone object to stopping work on this document?
* Adam: EPCP seems to be a subset of the architecture document.  If we stop
work on the EPCP, does this complicate the text in the architecture document. *
Jessica: I see no issue with pulling text from the EPCP draft and putting it in
the architecture draft.  The Original SCAP work that motivated this draft has
moved on. * Karen: Based on what's being voiced here, there appear to be no
objections to stopping work on this draft.  We'll confirm this on the mailing
list. * Michael: I'm trying to understanding why we are doing it - is it we are
out of energy to work on it, or there is no longer need? * Jessica: It is more
that there is no longer a need in the community.  The process of producing the
document has informed the working group. * Henk: We can note that work this
document informed in the data tracker * Roman: If there is consensus on the
mail list, I can send the document back to the WG and it can be marked as "WG
Document: Dead" with a pointer to the mailing list explaining how the WG came
to that decision. * Karen: Thank you for all of the hard work put into it.

## ROLIE
* document: draft-mandm-sacm-rolie-configuration-checklist-02

Karen: There was a call for adoption and there is critical mass to adopt it as
a WG document.

## SACM Architecture
* document: draft-ietf-sacm-arch-07

Adam: Per the early AD review:
* audience would be those implementing the SACM architecture
* if it stays standards track, the details of the protocol would go there
*

Henk: this architecture document would have value to RATS.  It provides a
second domain of applicability. * Jessica: Do you think that RATS would be
interesting in taking on this work? * Henk: It might be contentious to change
the RATS architecture. However, it could potentially be informed by workflows?
* Roman: Is the link to RATS about specific claims - the architecture, EPCP,
and the SACM don't cover any of them. * Henk:

* Karen: it doesn't appear to we understand the next steps
* Roman: Can we bring the SACM implementors to the discussion to review and
validate the architecture?  What is the protocol work envisioned as the next
step? * Michael: It doesn't appear to be an architecture issue, but an
implementation issue. Moving it to RATS won't help. * Adam: We plan to
implement it (but we are also the authors) * Karen: What would the document
authors want? * Adam: More review and implementation would help * Roman: Can we
separate the high-level architecture from the specification of the protocol
details?

## Wrap Up

Karen: We need progress on the document to use our IETF 109 time productively.

Karen: We haven't gotten to next steps on the working group.