Salsa Call: 16-Nov-2006

Salsa Call:
16-Nov-2006

*Attendees*
Mark Poepping, CMU (chair)
Kevin Miller, Duke
Chris Misra, U. Mass
Terry Gray, U. Washington
Joe St. Sauver, U. Oregon
Deke Kassabian, U. Penn
Rodney Petersen, Educause
Doug Pearson, Indiana/REN-ISAC
Ken Klingenstein, Internet2
Renee Frost, Internet2
Steve Olshansky, Internet2 (scribe)

*Action Items*
[AI] (All) Ping SteveO if you are interested in being added to the DNSSEC list
[AI] {Rodney} will add this topic (security lists - public and private) to the STF security lead meeting at the Fall I2MM
[AI] {SteveO} will work with Deke, Chris, Joe, and Mark to frame a discussion with the DNSSEC group about some outreach/positioning materials - DNS' role in enterprise security architecture - "Why DNS matters..." - "Accommodating the Future..."
[AI] {Doug and Joe} will provide some high-level reference materials (one-pager) to support this outreach effort - about how DNS is important as part of the enterprise infrastructure, and relevant work in that area.
[AI] {All} If you are interested in joining the OGF firewall doc reading group contact Ken or Joe ASAP [AI] {Rodney} will send the abstract of the STF strategic plan to the list
[AI] {Chris, Rodney, Doug, SteveO, and Renee} will set a call to work out details of the REN-ISAC meeting at the Security Professionals Conference

*Discussion*
- DNSSEC
Please follow up to this thread on the Salsa list... Do we want to engage the DNSSEC pilot list for cross pollination of the discussion? There has been some good discussion between Joe and Shumon, in particular. What additional serendipities might there be, in terms of benefits flowing from DNSSEC in other areas?

[AI] (All) Ping SteveO if you are interested in being added to the DNSSEC list
[AI] {SteveO} will work with Deke, Chris, Joe, and Mark to frame a discussion with the DNSSEC group about some outreach/positioning materials- DNS' role in enterprise security architecture - "Why DNS matters..." - "Accommodating the Future..."

-Lists
The question of what conversations logically belong on which of the many security lists many of us are on is a good one. We will follow up on this topic at the Salsa meeting at the Fall I2MM. Joe is working on a taxonomy of relevant lists as an aid and will send it out shortly.

[AI] {Rodney} will add this topic (security lists - public and private) to the STF security lead meeting at the Fall I2MM

- DKIM/SPF redux - time to push something (or not)?
Many major mailers are deploying SPF in response to particular problems, not so much as an all-purpose anti-spam tool. There is also a great deal of interest and activity surrounding DKIM. Perhaps starting a thread on these topics on the HiEd-Email-Admin list about this would be fruitful.

There is no direct dependency on DNSSEC. It would strengthen DKIM, but is not a requirement... They are solving different problems, but happen to use DNS as the foundation/transport.

Ken will raise some of these issues with the Campus CIO Forum (formerly known as the Campus Expectations TaskForce), noting that these are important issues with broad implications, which should be on their radar, and on which we are working. Also noting REN-ISAC default practices, e.g. postmaster@domain and abuse@domain monitored aliases, etc.

[AI] {Doug and Joe} will provide some supporting high-level reference materials (one-pagers) to support this outreach effort - about how DNS is important as part of the enterprise infrastructure, and relevant work in that area.

- OGF firewall doc reading group
Joe, Doug, and Ken so far have signed up to review the doc.
[AI] If you are interested please contact Ken or Joe ASAP, the study group will convene next week. http://www.ogf.org/documents/GFD.83.pdf

- Joint Techs
- see Doug's mail to the list today about security focus areas, and Joe's response. If you have other topics to suggest please discuss via the list, or contact Doug offlist.

- Fall I2MM
- there are a number of security-related sessions, see the list Renee sent out to the Salsa list 2-Nov.
[AI] {Rodney} will send the abstract of the STF strategic plan to the list, which will be discussed at the STF security lead meeting at the I2MM

- Security Professionals Conference
There will be a half-day REN-ISAC meeting just after the meeting (12-April), the goals being discussion of the DoJ/CSI2 work, and community building, and gaining consensus on needed tools in this space. The conference CFP closes 28-Nov. [AI] Chris, Rodney, Doug, and Renee will set a call to work out details

- NSF large facility cybersecurity summit is February 22-23 in Arlington. The announcement will go out in early December.

- Salsa membership/assessment redux... (includes priority setting) How can we ensure this is a useful discussion, and how can we make this an even more useful activity? What new members might be on the horizon? Consensus is that high-level coordination and sounding board is a very useful aspect. Membership discussion is parked for a later call, but suggestions for new members are always welcomed.

- Robust listproc for networking guys... Is there value in creating a new list? Or are current lists sufficient for current topics? This will likely fall out of Joe's list taxonomy. If there is a set of NetMan issues that warrant discussion not happening on existing lists, maybe we should consider facilitating a new forum for this purpose.

- New OASIS TC proposed: Enterprise Key Management Infrastructure (EKMI) http://www.oasis-open.org/archives/tc-announce/200611/msg00004.html