I took an action item in Arizona to review our list of "generic" IDS
attributes against current thinking in the IETF NEA working group.
Prior to the Dublin IETF meeting, I posted an email to the authors of
the Posture Attribute (PA) protocol draft, briefly listing our "generic"
set of attributes discussed in Phoenix. As it turns out, the NEA
working group had not been spending a lot of time on either attribute
"categories" or the set of actual attributes themselves. Much of the
previous discussion around the PA protocol had been about other facets
of the design.
After the plenary, I exchanged
email with Steve Hanna, the chair of the WG, and he said that my email
generated a lot of discussion and highlighted the need for the PA
to solicit the email list for proposals for additional attribute
categories as well as the actual attributes themselves.
There will be a "standard" set of attributes documented in an RFC, and
some type of registry for additional attributes (as long as the base
protocol has a way to encode/decode the attribute datatype on the wire).
Just after the plenary in Dublin, the PA protocol draft authors posted
a solicitation on the NEA email list for attribute category and
attribute values to be included in
the "standard" (base) set of attributes that will be included as part
of the NEA WG activity.
I was asked by Steve Hanna to re-submit a more formal proposal to the
NEA list regarding our proposed ideas for attributes. This will still
be just an email to the NEA list, but with better descriptions of the
attributes being proposed.
The set I'm initially including in the proposal includes:
- Time Source (and/or quality thereof)
- Minimum cipher suite
- Bridging (layer-2 forwarding) enabled or disabled
- Minimum encryption key length
- I'll speak about port filtering as well, comparing our perspective
  with what is already in the PA doc.
- I may mention something about layer-3 forwarding, since I don't
  think it's in the PA doc yet.
I apologize for the short notice, but if you can reply with any other
"generic" attributes that I have left out or that you think need
inclusion, please let me know. I would like to send this out on