Salsa call: 3-May-2007

*Attending*
Mark Poepping, CMU (chair)
Michael Van Norman, UCLA
Terry Gray, U. Washington
Chris Misra, U. Mass
Deke Kassabian, U. Penn
Chas DiFatta, CMU
Doug Pearson, REN-ISAC/Indiana
Jeff Schiller, MIT
Ken Klingenstein, Internet2
Kevin Miller, Duke
Steve Olshansky, Internet2 (scribe)

*Discussion*
Welcome to our newest member Michael Van Norman (UCLA)
- other nominations welcome, contact Mark and Ken offline

- REN-ISAC Executive Advisory Group (EAG) update
Call held today. Membership model being discussed, making progress. Trust community is turning out not to be the most important element, information-sharing is a higher priority... Next call is in 2 weeks, more news to come as it develops. Sustainability is a key element of these business model discussions.

Moving maybe toward some sort of a 2-tier model, info-sharing at the base membership level, then sharing more sensitive info at the higher-trust community level. There is recognition that there is some info that should only be shared within a trusted community. Currently this is on the basis of personal trust, vetting new members by reputation, from trusted members. This is not really scalable as the community grows.

Q: You may trust someone to be part of a group, but do you trust him/her to recommend others? There is trust, and then there is Trust...

Withholding certain critical information from some organizations without trusted members of the community can be problematic, toward the bigger goals of enabling effective responses among higher-ed to identified incidents and vulnerabilities.

It was noted that some REN-ISAC restricted data feeds contain info available from other sources, and some organizations obtain this data elsewhere.

Should there be a special treatment for GigaPoPs? Some info is really more useful at that level, than at the campus level.

- Salsa-CSI2 WG update
Some additional discussion with DoJ, some interest in continued efforts, more to come on this.

First report from the shared darknet has been generated, this is a notable milestone.

- Salsa-DR WG update
First call is Friday 11-May 1:00 ET, then every 2 weeks thereafter. This new WG has generated a lot of interest. SMS messaging is on many minds in light of recent events, but this may not be the cure-all that some may believe it to be. At base it is just another messaging protocol, with good and bad features. What scenarios would it be most applicable/effective in?

Some campuses and state systems are moving ahead with SMS already. How would this be tied to campus identity systems? How are current cell-phone numbers collected and maintained effectively? Some of these systems would apparently be stand-alone, not connected to or integrated with campus systems in any way. Maintaining these separate databases will likely be a tricky issue.

User access issues may come into play as well, not all users are comfortable with text messaging features on their phones, if their phones are even able to receive them.

Overall, where is the low-hanging fruit in this space? How can we help campuses prioritize? The WG is just spinning up, more to come on this as it develops.

- Merger update
It appears to be moving forward well, due diligence is proceeding, info and updates will be posted on the Internet2 website as they are available. A merger planning team has been convened, along with a network planning team looking at the consolidation of the 2 networks.

- DNSSEC update
The BoF at the I2MM was very good. The Security Weir will feature a discussion on this topic as one of its early areas of focus. The .gov TLD will be signed by the end of 2007, according to DHS. Signing the .edu TLD is also being looked at seriously, ETA unknown at the moment.

There may be some interest in us holding/sponsoring a workshop, we are exploring this as an option to move the issue forward in the community, not to go back over whether it is a good idea in the first place. The general inclination is to move forward on this, we will try to come to resolution on this in the next few weeks.

Is there enough confidence among the community that implementing DNSSEC will not break anything? Is there anything we can do to raise the confidence level? Is there any real risk to the infrastructure? Since DNS is such a key foundational service, we ought to be proactive in looking at realistic ways of protecting it, sooner than later. Since .edu is seen as a leader in new technologies, moving this community forward will benefit the overall effort.

- Joint Techs
The next Joint Techs would also be a logical venue to hold a DNSSEC BoF. Also, firewalls continue to be of high interest, especially since the next JT will be at Fermi Lab. Mark and Doug are on the program committee, ideas from Salsa are welcomed.

- DOE "security of open science workshop"
Security in the "open science" context is an ongoing topic of interest, and they would like someone from Salsa to participate in the program committee.

- Lambdas - next steps?
Perhaps premature for us to setup something formal, even a dedicated list, as there are other venues in which this is being discussed. It is also not yet clear how widespread this is or will be in the wild in the near future...

Consensus is to park this issue for now, and not to pursue it just yet. We will revisit this in the future as events warrant.

- Security Professionals Conference report
It had record attendance and well received by participants. There were many new faces, not clear if this reflects high turnover or more widespread interest among smaller schools.

- REN-ISAC meeting report
The BoF talked about the difficulty of sharing tightly controlled data feeds with other staff in the receiving organization. Also talked about the membership model, with EAG is working on.

The REN-ISAC member meeting was maxed out, looking at member contributions to the community at large, as well as to subgroups

Looked at priorities for the coming year, as well as a referred trust model, cybersecurity registry, relationship to merged NLR-Internet2.