note-taker: Joe Abley
jabber-monitor: Joe Abley

Meeting starts at Mon 26 Jul 2010 17:41:35 CEST.

Joel recounts the Note Well.

Joel presents Agenda. No changes were requested.

Joel presents document status.

Andrew Yourtchenko presents on draft-ietf-opsec-protect-control-plane. This is the second time this document has been presented. An overview of the motivations and document approach was provided. The status of the document is that -02 is expected to be published in mid-August, and that the authors anticipate being ready for last call at that time.

Joel notes: That document is progressing well; August WGLC does not seem unreasonable. Other vendor-specific examples would be welcome in addition to the current two. The general problem space is not limited to routers, but is also applicable to other converged devices.

No additional comments from the room.

Yinxing Wei presents Analysis of Security Association For Current Routing Protocol, work being done under the karp working group charter.

Chris Morrow wonders why there is a need for more key management protocols. Chris thinks that manual configuration is fine; he just wants a reliable way of updating a key smoothly, and of changing many keys because of a single event (e.g. an employee leaves the company). The KMF approach seems overly complicated.

Joel notes the (operational) desire not to boil the ocean. Chris agrees that's a more succinct way of making his point.

Joel suggests that in the ops area we are unconvinced (need to be convinced rather than mind made up) that rolling out a key management protocol would solve a useful problem.

Chris did like the survey of what different routing protocols provide. He is just decidedly unsure about the usefulness of a key management protocol.

Joel presents Outreach Activities.

On NANOG there has been discussion of a set of well-known BGP community string attributes. Consensus on the NANOG list seems to be that any document which aims to document lists of standard values is unlikely to gain relevance. However, it seems like there is some value in cataloguing the kinds of controls people provide using community string attributes.

Fred Baker is interested in how we might set up an IANA registry. Joe described briefly the possible approaches, but noted that a registry would be more useful for a list of prescribed attribute values, not for a catalogue of capabilities.

Warren Kumari wonders whether this is a job for an IETF document, or whether something more ephemeral like a wiki might not be better.

Joel wonders whether a common vocabulary might be really what we want, not something specifically tied to particular values.

No obvious volunteers were evident in re-steering the existing document, but there is interest and Joel knows people outside this meeting who are interested in working on documents in this general area.

Joel passed on a suggestion from Bob Natale that opsec might have an interest in sharing information with the TM Forum (formerly the OSI Network Management Forum).

Joel noted that almost all of our documents are on track for last call before the next meeting, and hence a re-charter will be discussed on the mailing list between now and then. He also noted that scheduling meetings is difficult and that we should not meet arbitrarily if there is no work to be done in the working group.

Sean Turner - Ops area directors have expressed the opinion that the work in opsec finds a better home in opsec than it would in opsawg, and so there is enthusiasm there for this working group to remain alive.

Sean Turner (Security AD) mentioned that Tim has reviewed the revisions to -crypto-issues following his earlier DISCUSS, and he has some new comments that he will pass on.

Meeting closed at Mon 26 Jul 2010 18:23:08 CEST.