Endpoint Discovery

[henkbirkholz]

The current definition of this term seems to refer to Endpoint Identification. This could be relabeled as Target Endpoint Discovery. Or is the intend of this definition something different entirely?

This would be one of the Building Blocks that compose SACM Components.

Correspondingly, a definition of SACM Component Discovery could be added.

[sacm]

My preference would be to a keep "discovery" and "Identification" as two very separate things. Our internal use of identification is to be able to assign some unique value to each device, along with some unique set of discoverable characteristics, that will allow users/evaluators to determine that the device under assessment, review, or remediation is the same device that was under assessment or review previously. This is a different issue than "discovering" devices.

Joseph L. Wolfkiel
SCM Engineering Lead
DISA ID52
Work: (301) 225-8820
Gov Cell: (571) 814-8231
Joseph.L.Wolfkiel.civ@mail.mil

-----Original Message-----
From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of henkbirkholz
Sent: Wednesday, June 17, 2015 11:35 AM
To: sacmwg/draft-ietf-sacm-terminology
Subject: [sacm] [draft-ietf-sacm-terminology] Endpoint Discovery (#14)

The current definition of this term seems to refer to Endpoint Identification. This could be relabeled as Target Endpoint Discovery. Or is the intend of this definition something different entirely?

This would be one of the Building Blocks that compose SACM Components.

Correspondingly, a definition of SACM Component Discovery could be added.

—
Reply to this email directly or view it on GitHub #14 . https://github.com/notifications/beacon/AKbE0Qta5Kffk1qpC-gwhCBJ_dVnhroBks5oUYsJgaJpZM4FFdZ-.gif

[henkbirkholz]

I agree with that.

As a first result, there will be at least two groups of terms that are about:
1.) Identification: the definition will include output from the Endpoint ID DT.
2.) Discovery: the architecture covers the term Discovery at least via the following text:

“Registration/Discovery: The discovery of what Providers are available, what information a Provider can share, and how it can be requested / communicated. A discovery mechanism is required to facilitate interaction with Providers that may have different Posture Assessment Information and potentially limited, or a rich set of, ways in which they can share the information.”

Registration seems to covered implicitly, at most. The content of this text will most likely provide the basis for the definition of Discovery in the terminology draft.

Both Identification and Discovery can have different foci that could be reflected in the terminology. Discovery and Identification of Target Endpoints, and Discovery and Identification of SACM Components and - closely related and equally as important – the Building Blocks/Capabilities of SACM Components on the Data Plane and the Control Plane.

Identification, Discovery and Registration would be Control Plane Building Blocks.

[henkbirkholz]

Added first draft of definitions for Target Endpoint Discovery, SACM Component Discovery, Target Endpoint Identifier and Target Endpoint Label to address this issue.

[henkbirkholz]

addressed in term draft