* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Mile Status Pages

Managed Incident Lightweight Exchange (Active WG)
Sec Area: Eric Rescorla, Benjamin Kaduk | 2011-Oct-25 —  

IETF-102 mile minutes

Session 2018-07-19 0930-1200: Saint-Paul/Sainte-Cath. - mile chatroom


minutes-102-mile-00 minutes

          Chairs -
          [chair] XMPP Grid Last call?
          [nancy] late on posting update, but need reviews
          [nancy] Bill & Adam did reviews, need more
          [adam] have some questions he can ask now, or ask later?
          [nancy] ask during presentation
          [nancy] Take has to shepard
          [take]  I'll do that.
          [chair] can do WGLC by IETF-103?
          [group] (mostly adam & bill) November is okay
          [take] target WGLC by IETF-103, but blocked by CDDL spec
          [chair] 4 errata posted
          [chair] all errata confirmed by Roman, the author of RFC7970.
          [AD] there are no hard/fast rules about errata vs. RFC update
          [roman] hold off deciding how to advance errata solution because we
          might find more doign the JSON work
          [chair] begin to document / track errata (prefferably with a draft)
          but then do the right thing when we know
          [roman] willing to be editor on the errata draft
          Nancy Cam Winget - XMPP
          [nancy] focused on cleaning up on understanding on what's mandatory to
          [nancy] added a paragraph to that point
          [nancy] Bill & Adam requested help on operational considerations in
          running XMPP-grid
          [nancy] added informative, not normative info on that topic, but most
          feel its out of scope
          [nancy] there's already an IANA registery for XMPP topics, so we can
          add that for XMPP-grid
          [nancy] AD is there a more formal process for that
          [AD] send him a more specific question, and we can do more formal request
          to XMPP Foundation
          [nancy] co-author is in both XMPP Found & IETF, and tweaked draft to
          work for XMPP Foundation
          [adam] his questions were really directed to SACM operational
          [adam] really wanted to standardize topics to SACM needs
          [nancy] started work on that with Henk, need to write document to register
          topics with XMPP Found
          [nancy] will work with Adam offlfine to define SACM topics
          Takeshi Takahashi - JSON IODEF
          [take] conversation in previous meeting about using JSON Schema vs. CDDL -
          switched to CDDL from last meeting
          [AD] JSON Schema & CDDL in his AoR - his advice:  pick the one that works
          for you, but don't switch because you think one is closer to publish
          [take] CDDL is nicer to define types, that's a benefit
          [take] want to issue JSON draft
          [bret] using CDDL why?  verification of the data?
          [take] initialially yes, but also now using to for CBOR mapping
          [bret] there aren't really tools for CDDL
          [audience] there are some tools
          [take] using Carsten's Ruby CDDL tool, not perfect, but workable
          [frank] using CDDL, that is just CBOR?
          [take] want to get both JSON & CBOR
          [dave w] if you define in CDDL you get both JSON & CBOR for free; not
          with JSON schema
          [take] question about VulBulkDescriptor representation
          [roman] array is a better idea
          Stephen Banghart - ROLIE draft
          [stephen] have an update to CSIRT document
          [stephen] want to split CSIRT document into 2 documents
          [stephen] this requires recharter to include this draft
          [chair] current charter really speaks to IODEF and IODEF transport;
          so that would be a recharter
          [stephen] or generic incident data formats
          [chair] doesn't prefer to make it generic incident formats
          [take] does support extending to STIX
          [take] but should it just be STIX or other formats
          [chair] yes, that's the question
          [stephen] would like more format flexability
          [bret] would prefer to support STIX; ROLIE and TAXI are very similar -
          would like to work more on both of those
          [bret] would like to see eventual convergence of ROLLIE & TAXI
          [chair] bret, want to support just STIX or more
          [bret] would support larger set of data formats, not just STIX
          [chair] need to put a liason agreement in place
          [chair] need IP disclosure / understanding
          [stephen] solving STIX IP issues
          [chair] that isn't how IETF works
          [roman] rechartering to capture constellation of ROLLIE data format
          types and drafts for each
          [stephen] more than just STIX, things like ROLIE JSON have been asked
          for as well
          [stephen] Bret and I are working on JSON draft
          [chair] your intent is really to show the mapping of ROLIE, not just to
          IODEF, but to other formats
          [roman] mapping to generic formats, a list of formats, or somehting else
          [chair] plan to update the charter to use ROLIE as update/discovery
          mechanism to support incident data?
          [dave w] in ipsecme explicitly itemize the work items in the charter to
          manage the effort
          [chair] that might work, so the question of "is this just STIX, but then
          actually heard to more formats immediately"
          [kathleen] extensibility would be good, but not multiple transports,
          for formats
          [kathleen] maybe define the extension mechanism
          [kathleen] okay with supporting that, going back to INCH we supported
          more formats
          [stephen] CVE is desired as well
          [roman] I support data formats, but not other transports
          [henk] we have base ROLIE stuff which is the CORE, might need to define
          the hierarchy and the set of encodings
          [chair] do we need to define mandatory to implement
          [stephen] ROLIE just provides references to files
          [henk] you can use HTTP to request a data element, you don't know what
          format to expect
          [stephen] take that offline might have solved that
          [chair] any objections to recharter to support additional ROLIE data
          [AD] some subset of folks will work on recharter text, send to list,
          confirm, send to AD, do update
          [stephen] working on -00  draft of ROLIE-JSON
          [stephen] -00 of ROLIE-CVE is basically ready, waiting for recharter
          conversation to submit
          [AD] just added accepted date for new milestones, chair's please update.
          [stephen] will be splitting the CSIRT into 2 documents and they will be
          submitted well before Bangkok
          [chair] not likely ready for WGLC in Bangkok, target for WGLC in April -
          month after following face-to-face
          [stephen] agree
          [AD] promised sweets is chairs update milestones without running out of

Generated from PyHt script /wg/mile/minutes.pyht Latest update: 24 Oct 2012 16:51 GMT -