[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [Non-DoD Source] Re: [openc2-actuator] Modification to the stateless-packet-filter profile
Dave,
Thank you for the response, but need you to clarify something for me. When we get to ‘deny’ are you suggesting that I repeat all the specifiers that were identified
with ‘allow’ (in the interest of being boring and complete) or is OK to replace the duplicates with the phrase:
“Deny can be treated as mathematical complement to allow. With the exception of three additional options outlined in table 2.1.2,
the targets, specifiers, modifiers and corresponding responses are identical to the four allow commands” Also a comment to your comment:
You suggested changing “Implementation of the Allow ip-connection command
is required” to “Implementation of the Allow ip-connection command-target
pair is required. ” I do not agree with the modification for the following reasons:
IAW with the language spec, ACTIONS and TARGETS are decoupled components. At a minimum a COMMAND consists of an action and target.
In the profile, we are identifying the COMMANDS that are required or optional to implement.
If we say command, that means an action-target pair If we say command-target pair, it would imply ACTION TARGET TARGET TO be consistent with the language spec, we need to say either:
“Implementation of the Allow ip-connection
command is required” OR “Implementation of the Allow ip-connection
action-target pair
is required” Sound logical?
VR Joe B From: openc2-actuator@lists.oasis-open.org <openc2-actuator@lists.oasis-open.org>
On Behalf Of Dave Lemire Joe, 1) Yes, I think this is a very logical approach. Nice work. 2) I get that the Deny table is a boring match to the Allow table, but ultimately I think you have to have it. Standards documents thrive on boring completeness. 3) I suggest one modification in your detailed subsection:
The subsections are describing a command-target pair, not just a command, and I think should be described as such. Dave David P. Lemire, CISSP On Mon, Apr 2, 2018 at 2:26 PM, Brule, Joseph M <jmbrule@radium.ncsc.mil> wrote:
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]