OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

openc2-actuator message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [openc2-actuator] Firewall Profile: Abstract/ Boilerplate material

Joe,

I like the more concise abstract, and concur that "Stateless Packet Filtering" is a better name. We've had a number of discussions that some product might implement multiple actuator functions, so it makes sense to me to name the profiles with a focus on function.

Dave

David P. Lemire, CISSP
  OpenC2 Technical Committee Executive Secretary
  OpenC2 Implementation Considerations SC Co-chair
  Contractor support to NSA
Email: dave.lemire@g2-inc.com
Office: 301-575-5190 / Mobile: 240-938-9350

On Tue, Apr 3, 2018 at 8:48 AM, Brule, Joseph M <jmbrule@radium.ncsc.mil> wrote:
Actuator Profile Subcommittee,

I would like to resolve some of the comments in the 'stateless packet filter' profile, herein referred to as the firewall profile.  The draft is located on googledocs at https://docs.google.com/document/d/1CvD4dhnGPsYVYrMoJTIjeQA9vN3i33eqwkhEGRWsBVA/edit#

Apologies in advance for the wave of emails, but there will be a series of emails with one or two issues rather than sending a comprehensive email with all of the current comments.   Slack is quite suitable for quick discussions so there will be deliberations on slack.  I will periodically summarize the gist of the slack discussion via email so that the slack discussions will be a subset of the email threads (the emails will not replicate all the back and forth threads, just capture the gist)

Please provide comments to the topics in these emails via 'suggest mode' on googledocs, slack discussions, reply to this email, mark up to googledoc or any mechanism that is best for you.

ABSTRACT/ BOILERPLATE:
There was a comment requesting that we minimize the front matter (such as  abstract, status, notices etc.) and if possible move it to the back.  I believe that the OASIS template is required and I took an action to ask the OASIS staff.  Here is a proposed abstract:

Abstract:
Open Command and Control (OpenC2) is a concise and extensible language to enable the command and control of cyber defense components, subsystems and/or systems in a manner that is agnostic of the underlying products, technologies, transport mechanisms or other aspects of the implementation.  Stateless packet filtering is a cyber-defense mechanism that denies or allows traffic based on static properties of the traffic (such as address, port, protocol etc.). This profile defines the actions, targets, specifiers and options that are consistent with version 1.0 of the  OpenC2 Language Specification in the context of stateless packet filtering.

NAME OF THE PROFILE:
There were multiple suggestions for the name of the profile including:
First Generation Firewall
Packet Filter Firewall
Stateless Packet Filter
As of now, the majority prefers 'Stateless Packet Filter'.
Question:  Is 'Stateless Packet Filtering' acceptable?  The addition of the 'ing' highlights that we are addressing a function rather than a box.

Thank you

Joe B

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  Follow this link to all your TCs in OASIS at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]