[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: Support IP Address CIDR/Subnets
OpenC2 Technical Committee,
Suggest the following substantive change to the "Open Command and Control (OpenC2) Profile for Stateless Packet Filtering Version 1.0"
BACKGROUND:
As currently written the 'ip_addr' target in section 2.1.2.1 is not consistent with the Language Specification and if corrected to be consistent with the language specification, then the SLPF will no longer support CIDR notation.
PROPOSED CHANGE:
Add a new target to the language specification to accommodate CIDR notation for IPv4 and IPv6 addresses
Modify table 2.1.2-1 in the SLPF to include the new targets.
Update table 2.3-1 to in the SLPF to include the new targets in the command matrix
Add new subsection to section 2.3.1 to indicate that the new target is appropriate for the 'allow' action
Update table 3-1 in the SLPF to include the commands affected by the new target
Update the conformance targets in section 3 of the SLPF to reflect the new target
JUSTIFICATION:
The Technical Committee has identified use cases such that the ability to allow (or deny) a range of addresses with a single command is warranted.
Respectfully Submitted,
Joe Brule
Subject: Support IP Address CIDR/Subnets
From: "STAIR, MICHAEL A" <ms1784@att.com>
To: "openc2-comment@lists.oasis-open.org" <openc2-comment@lists.oasis-open.org>
Date: Wed, 28 Nov 2018 13:46:51 +0000
Earlier CSDs supported (via example at least) the ability to provide CIDR notation for IP addresses. The proposed IP serialization in the CD removes this option. Supporting the CIDR capability is important, especially in proactive scenarios.
Mike
_____________________________
Michael Stair
Lead Member of Technical Staff
AT&T Chief Security Office (CSO)
301.401.8449
mstair@att.com
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]