Salsa Call 18-May-2006

Salsa Call
18-May-2006

*Attendees*
Mark Poepping, CMU (chair)
Charles Yun, Internet2
Jeff Schiller, MIT
Chas DiFatta, CMU
Chris Misra, U. Mass
Joe St. Sauver, U. Oregon
Renee Frost, Internet2
Jim Pepin, USC
Rodney Petersen, Educause
Kevin Miller, Duke
Deke Kassabian, U. Penn
Doug Pearson, REN-ISAC / Indiana
Steve Olshansky, Internet2 (scribe)

*Discussion*

CSI2 update
- Close to final agreement on funding RENOIR development – building a reporting infrastructure to facilitate incident reporting, using IODEF
- Shared darknet is close to operational

-NetAuth update
- Looking at creating a doc on 802.1x architecture(s) and use cases, which would be a valuable reference for the community...
- Also tracking Network Endpoint Assessment (NEA) activity in IETF, which appears to be headed toward becoming a working group. More detail forthcoming soon, via Chris.

FWNA update
- Collaborating with NetAuth on the 802.1x doc referenced above, with an eye toward next-gen Eduroam
- Looking at policy requirements for authentication

CALEA update -
There was discussion about whether CALEA requires associating traffic with a particular person, or just an IP address? If so, how does this relate to Network Access Control (NAC)/admission control systems? This is a subject for further research...

Also, what are institutions doing for the required 90-day CALEA report? There is some question about what exactly should be in these reports.

RTP update
- Executive summary now available on the workshop website. Comments/feedback are welcome. Please feel free to propagate among your campus execs as you care to...
- Potential workshop brewing: "Living with Lambdas"

REN-ISAC update
- Ramping up subscriptions, has secure website and IRC server up and running.
- Working on additional (tightly controlled) data offerings – e.g. botnet tracking
- Formed technical advisory group (TAG)
- Looking at approaches for clearly segregating sharable data with more restricted data, to make it clear what is sharable (and encourage sharing) and what needs to be closely held among recipients
- FBI cyber-crimes division is interested in collaborating, discussions to come

DNSSEC update
- First call took place, 4 sites volunteered to participate in a pilot, cross-signing and verification. Additional participants are welcome, if you are interested contact Charles
- I2 should be up and running soon
- See relevant ref: http://www-x.antd.nist.gov/dnssec/

*Meetings*
Planning underway for Joint Techs JT this Summer in Madison
- DNSSEC BoF
- How to configure ICMP BoF? Expand to why ICMP is valuable, and thus why it should be allowed to transit firewalls?
- "Keeping your Security Filters from Ruining Network Performance - or the Measurements of Performance"
- Disaster Recovery - LSU interested in leading this, esp looking at storage, virtualization, and training. Plans to present at JT on this, then maybe run future workshop on this topic (2-3 days), position LSU as leadership - center of excellence in this area. Ongoing LSU will own this activity, I2 will provide a bit of support as appropriate.
- Bro? May be too vendor-specific...
- CALEA?
- other suggestions? Contact Mark or Charles, or float via the list

*Other items*
Salsa speaking engagement for the summer agenda. Please send suggestions to Charles