[07:11:08] gary.gapinski joins the room
[07:11:24] kscarfone joins the room
[07:21:39] hazeyama joins the room
[07:22:39] Colman Ho joins the room
[07:22:43] spturner joins the room
[07:22:46] semery joins the room
[07:23:03] polk.tim joins the room
[07:23:12] sftcd joins the room
[07:23:18] <spturner> we're just going through the welcome part - getting scribes, etc
[07:23:23] <polk.tim> welcome and agenda overview (S. Hanna)
[07:24:27] Barry Leiba joins the room
[07:24:40] <spturner> can everybody hear?
[07:24:59] <sftcd> not very well and I'm in the room;-)
[07:25:20] <gary.gapinski> yes, though sound is now a bit overdriven (compared to period prior to start of BOF)
[07:25:30] <kscarfone> agreed
[07:25:44] <gary.gapinski> Tim sounds good
[07:25:51] <spturner> okay good
[07:27:26] <spturner> wow!
[07:27:54] <spturner> okay on to the first set of slides: scap overview
[07:28:12] <sftcd> what is scap?
[07:28:27] <Barry Leiba> I think he's going to tell us
[07:28:54] <spturner> sldie #11
[07:28:54] tidty joins the room
[07:29:51] <spturner> slide #12
[07:29:59] <spturner> started at #10 btw
[07:35:59] Juergen Schoenwaelder joins the room
[07:42:37] <spturner> slide #15 (sorry slacking)
[07:42:43] <spturner> slide #16
[07:49:31] <spturner> still on slide #16
[07:53:36] <spturner> on to slide #19 (slacking again)
[08:01:07] <polk.tim> on to slide #20
[08:02:17] <polk.tim> on to slide #21
[08:03:26] <spturner> btw about 5 people raised their hands when asked who read the draft
[08:03:35] <gary.gapinski> out of how many?
[08:03:50] <spturner> 50 or so here
[08:04:30] <polk.tim> on to #24 (now I'm slacking)
[08:04:46] <kscarfone> just curious, have any remote folks on here read it (besides me)?
[08:04:57] <gary.gapinski> I did (both)
[08:05:17] <polk.tim> slide #25
[08:06:24] <polk.tim> slide #26
[08:08:18] <polk.tim> slide #27
[08:09:37] <polk.tim> slide #28
[08:13:26] Colman Ho leaves the room
[08:17:17] <gary.gapinski> I suspect the slide deck on the IETF site (https://datatracker.ietf.org/meeting/79/materials.html) may not match presentations
[08:17:48] <polk.tim> sorry slacking again
[08:18:01] <polk.tim> we're on "network intrusion detection systems"
[08:18:13] <polk.tim> "middleboxes aka firewalls"
[08:18:57] <polk.tim> "policy-based management"
[08:19:41] <gary.gapinski> ah - these slides are http://www.ietf.org/proceedings/79/slides/scap-2.pdf
[08:20:02] <polk.tim> "network-wide configuration"
[08:21:36] sftcd leaves the room
[08:21:57] <polk.tim> "some questions"
[08:25:24] Colman Ho joins the room
[08:26:50] sftcd joins the room
[08:29:24] <polk.tim> NEA and SCAP integration (S. Hanna)
[08:29:32] <polk.tim> slide #34
[08:32:30] Juergen Schoenwaelder leaves the room: Disconnected
[08:32:48] <semery> slide #35
[08:33:46] Juergen Schoenwaelder joins the room
[08:35:15] <polk.tim> slide #37
[08:35:39] <polk.tim> (Yes, I am the worst jabber scribe ever!)
[08:41:37] <polk.tim> slide #38: CYBEX Usage of SCAP Specifications (Takahashi)
[08:41:47] semery leaves the room: Disconnected
[08:42:40] <polk.tim> Slide #39: Customer Perspective (Whitlock) while we wait for Takahashi to return
[08:46:02] <polk.tim> now back to slide #38
[08:46:27] <polk.tim> on behalf of ITU-T Study Group 17 Question 4
[08:47:10] <polk.tim> "contributors"
[08:47:30] <polk.tim> "what is cybex?"
[08:49:40] <polk.tim> "5 functional blocks"
[08:49:52] <polk.tim> "cybersecurity ontology"
[08:51:45] <polk.tim> "importance of ietf"
[08:52:46] <polk.tim> "share the same philosophy"
[08:53:18] <polk.tim> "summary"
[08:54:29] <polk.tim> "references"
[08:54:53] <polk.tim> "messages of this presentation"
[09:00:12] <gary.gapinski> Question: What shortcomings of SNMP were addressed by NEA? Does NEA supplant/replace/obviate SNMP (and its extensible MIB structure)?
[09:01:30] <gary.gapinski> (My question is partially being answered)
[09:02:06] <sftcd> I think this is a good question
[09:02:44] <gary.gapinski> (and I think Juergen erroneously assumed that SCAP always implies client agent)
[09:03:20] <sftcd> the question I think is good is the one Tim's answering now btw
[09:07:57] semery joins the room
[09:11:48] Barry Leiba leaves the room
[09:21:34] juampe.cerezo joins the room
[09:21:42] juampe.cerezo leaves the room
[09:21:53] <gary.gapinski> IMO, the current caretakers of the SCAP protocols have embraced nigh-on stasis, and have avoided the introduction of extensibility (citing the need to prevent churn). It has correctly been pointed out that the IETF would need to make fundamental changes were it to accept SCAP as it currently stands.
[09:24:24] <spturner> gary we're going to read your statement out in just a second
[09:24:42] <gary.gapinski> don't forget the earlier question either, please
[09:25:25] <spturner> here we go
[09:25:27] <gary.gapinski> (the one at 09:00:36UTC)
[09:25:34] <spturner> yep
[09:25:38] <gary.gapinski> thx
[09:25:46] <sftcd> will there be hums of some sort in a bit or should we go socialising now?
[09:26:10] <spturner> I am not planning on humming
[09:26:54] sftcd leaves the room
[09:34:50] <spturner> and then we hummed ...
[09:35:13] <gary.gapinski> Another way to ask this question is if SCAP fills a void in existing IETF standards
[09:37:34] <gary.gapinski> for example, NEA (at brief first glance) appears to present an abstraction that could subsume the essential portion of SCAP (namely, evaluation of a ToE's security posture)
[09:42:27] Colman Ho leaves the room
[09:42:28] Juergen Schoenwaelder leaves the room
[09:42:34] polk.tim leaves the room
[09:42:35] Colman Ho joins the room
[09:42:48] spturner leaves the room
[09:43:27] Colman Ho leaves the room
[09:46:28] gary.gapinski leaves the room
[09:48:00] hazeyama leaves the room
[09:54:12] Colman Ho joins the room
[09:54:21] Colman Ho leaves the room
[09:54:34] kscarfone leaves the room
[09:54:43] tidty leaves the room
[11:43:25] semery leaves the room: Disconnected
[11:45:51] semery joins the room
[14:04:27] semery leaves the room