Salsa Call 10-Jan-2008

Salsa Call 10-Jan-2008

*Attending*
Chris Misra, U. Mass (chair)
Terry Gray, U. Washington
Joe St. Sauver, Internet2/U. Oregon
Deke Kassabian, U. Penn
Mark Poepping, CMU
Ken Klingenstein, Internet2
Kevin Miller, Duke
Rodney Petersen, Educause
Renee Frost, Internet2
Steve Olshansky, Internet2 (scribe)

NOTE: Due to a conflict with Joint Techs, we will skip the 24-January call. The next call will be Thu 7-Feb-2007

*Action Items*
[AI] {SteveO} will post Chris' and Mark's recent NERCOMP presentations to security.internet2.edu.

*Discussion*
Working Group Updates

Salsa-CSI2 and Salsa-DR - quiet over the holidays

Salsa-FWNA: Interesting discussion on the TF-Mobility list about 802.1x/Eduroam portal issues
http://www.terena.org/mail-archives/mobility/

Upcoming Meetings
- Joint Techs
January 20-25, 2008, Honolulu, HI
Joe will be doing a talk about unidentified data in netflows. There may be an informal ad hoc DNSSEC BoF, if there is critical mass.

- Net@EDU
February 10-12, 2008 (Working Groups through February 14, 2008), Tempe, Arizona
http://www.educause.edu/NMM08

- Educause/Internet2 Security Professionals Conference
May 4-6, 2008, Arlington, VA
http://www.educause.edu/sec08/

- CAMP: Bridging Security and Identity Management
February 13–15, 2008, Tempe, AZ
http://www.educause.edu/camp081

There are 100+ registered attendees so far, reflecting wide interest in the crossover topics

- Spring Internet2 Member Meeting
April 21-23, 2008, Arlington, VA
http://events.internet2.edu/2008/spring-mm/

There is general interest among attendees in more security-related sessions, so if anyone has ideas or proposals please send them to Chris and Renee ASAP. Proposals are due 23-Jan. Tentatively at the moment:
    - Security Architectures
    - DNSSEC BoF
    - Salsa Update

- NetGuru/CNN (Campus Network Nerds?)
Goal is to convene senior network engineers. Potential topics include IPv6, DNSSEC, Security Architectures, Dynamic Circuits. This will be discussed at the upcoming NetGuru meeting, which may end up as an oversight body for this activity. Ken will be writing up a proposal and passing it around to some folks for feedback and comments.

There was a proposal to start off with issues arising from within the group, rather than more forward looking strategic issues, in order to gel the group early on. This will likely evolve into a more formal activity similar to a working group, with regular calls, flywheel, wiki etc. A clueful technical writer would also be a positive addition, if available, to capture and codify the output of the group.

Topic suggestions are welcomed and encouraged, please send to Ken ASAP or discuss on the NetGuru list.

- REN-ISAC update
Internet2 has committed some resources for this year to support REN-ISAC.

- Funding opportunities
There may be an upcoming opportunity to apply for some funding to support security work, so we should be thinking about areas of work that we may want to propose for this support. More to come on this as it develops.

- Security architectures
There is not a clear taxonomy or strategic approach around this yet, and different meanings for the term. What could/should it mean for us?

Rodney and Jack did some work along these lines in the past, in the context of the Educause/Internet2 Security Task Force, which was very useful. It would be helpful to review this in advance of deeper discussion around this topic.
https://wiki.internet2.edu/confluence/display/secguide/Security+Architecture+and+Models

"Security-driven network architecture" and "network-driven security architecture" are terms that Terry proposes are useful in discussing this. Similarly: "middleware-driven security architecture" and "security-driven middleware architecture" are terms Chris has used.

Any Salsa members interested in this topic are encouraged to participate as we flesh this out. In essence this is distilling what many of us have been doing for a long time, and useful in communicating to broader audiences.

[AI] {SteveO} will post Chris' and Mark's recent NERCOMP presentations to security.internet2.edu.

The Educause/Internet2 Security Task Force Effective Practices work has moved to the Internet2 wiki, and they are looking at ways to encourage more community contributions.
https://wiki.internet2.edu/confluence/display/secguide/Home

In particular (1) use cases, (2) "ordering the space," and (3) recommendations are high priorities ongoing.