Definition Tasks #28
Comments
|
Can someone (@henkbirkholz ?) figure out where this is coming from? I can't find "Attribute Definition" in the current or previous draft. In terms of the bigger question: Are certain "artifacts" not necessarily conducted by a SACM component? I think the answer is yes. I think activities like defining a policy (i.e. like a CIS Benchmark or a USGCB checklist or a DISA STIG) are largely manual processes. There may be some cases where certain recommendations could be inferred by a SACM component based on different guidance (but at some point the guidance relied upon comes from an organization, which is likely to be a manual process). What is the action to be taken from this issue? |
|
I looked at version 13, 8, 5. I didn't fine the terms "attribute definition" or "policy definition". I assume it means the task or process of defining attributes or policy. I agree with Adam that some policies are defined outside SACM, and the policies can be used by SACM for posture collection, for example. I presume SACM can define internal policies too, e.g. on how SACM components should work together, but I don't have a good example. I believe this discussion helps our understanding. I don't see the need to create "attribute definition" or "policy definition" terms yet. |
|
Jarrett, I agree. I'd like to close this issue if there are no objections. |
|
Hi,
I agree w/ Jarrett and Adam - let's close this issue.
Cheers,
- Ira
Ira McDonald (Musician / Software Architect)
Co-Chair - TCG Trusted Mobility Solutions WG
Chair - Linux Foundation Open Printing WG
Secretary - IEEE-ISTO Printer Working Group
Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG
IETF Designated Expert - IPP & Printer MIB
Blue Roof Music / High North Inc
http://sites.google.com/site/blueroofmusic
http://sites.google.com/site/highnorthinc
mailto: blueroofmusic@gmail.com
Jan-April: 579 Park Place Saline, MI 48176 734-944-0094
May-Dec: PO Box 221 Grand Marais, MI 49839 906-494-2434
…On Wed, Apr 4, 2018 at 9:55 AM, adammontville ***@***.***> wrote:
Jarrett, I agree. I'd like to close this issue if there are no objections.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#28 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AKbE0WxZ3QlHX9ffMIlArpwqYKyDo24Vks5tlNDjgaJpZM4HLxf1>
.
_______________________________________________
sacm mailing list
***@***.***
https://www.ietf.org/mailman/listinfo/sacm
|
1.) The way it is worded at the moment, the tasks "Attribute Definition" and "Policy Definition" in the definition of SACM tasks could imply that they are conducted manually (especially "Policy Definition") and not necessarily conducted by a SACM component. This seems to be in contrast to the other tasks, which are all conducted by a SACM component.
Is this intentional? Is a SACM task always conducted by a SACM component? Does every SACM task have a corresponding manual counterpart?
2.) The name of the SACM task "Attribute Definition" could be misleading. No attributes are defined, but a subset of defined attributes is aggregated in a list (that is called attribute definition at the moment).
The text was updated successfully, but these errors were encountered: