Salsa call: 6-April-06
*Attendees*
Mark Poepping, CMU (chair)
Charles Yun, Internet2
Joe St. Sauver, U. Oregon
Deke Kassabian, U. Penn
Kevin Miller, Duke
Doug Pearson, Indiana
Greg Travis, Indiana
Renee Frost, Internet2
Terry Gray, U. Washington
Chris Misra, U. Mass
Chas DiFatta, CMU
Jim Pepin, USC
Jeff Schiller, MIT
Jack Suess, UMBC
Steve Olshansky, Internet2 (scribe)
*Discussion*
- CSI2 update -
3 main thrusts currently:
1. shared darknet: create a wide-aperture scanner using data from a variety of campuses (unused address space), correlating across disparate systems using REN-ISAC as the central repository. This should not entail a great deal of policy overhead since it is only using unused address space, nor is user privacy being compromised for the same reason. MOUs are in progress.
2. IODEF data structures, and how they can be used to share incident data. The goal is to standardize reporting, possibly using EDDY as a transport.
3. shared/distributed IDS, to see if this might be applicable to shared darknet data, among other data feeds.
There is some work under way at Indiana, looking at harmonizing output from sensor monitoring and other sources. There might be good synergy with #3 above...
Q: is this working on semantic unification, or syntactic?
A: not clear yet, Doug will find out and report back, and close the loop with CSI2 if it seems appropriate.
- NetAuth update -
Working on case studies... There is some work in IETF that has some potential intersection: PANA (Protocol for carrying Authentication for Network Access) and NEA (Network Endpoint Attachment), the subject of a BoF at the last meeting.
http://www.ietf.org/html.charters/pana-charter.html
http://www3.ietf.org/proceedings/06mar/agenda/nea.txt
http://www3.ietf.org/proceedings/06mar/minutes/nea.txt
http://www3.ietf.org/proceedings/06mar/slides/nea-0.pdf
- FWNA update -
There has been some discussion about integrating SAML with 802.1x/EAP; the FWNA WG session at the I2MM will delve into this further. How this could play out in the IETF is not clear...
- Reconnections Workshop update -
The final workshop report is now online, linked from the workshop page
http://security.internet2.edu/rtp/
Everyone is encouraged to forward the link around to people you think would be interested. An executive summary is now in progress.
How this relates to GENI and HPC is still unfolding. There are a couple of cyberinfrastructure-related activities getting going, which might be good to plug into this. More on this forthcoming...
- Regional Security Teams -
Regional security teams and their relationship with REN-ISAC will be the subject of a BoF at the Security Professionals Conference. "The idea is to discuss how regional security teams can interact with each other and the REN-ISAC, how regional teams might share insights and experiences, and how nascent teams might benefit from the experience of others. The BoF will be co-hosted by Chris Misra of U.Mass / NOXSEC regional security team and Doug Pearson of REN-ISAC."
- Spring Internet2 Member Meeting (I2MM) -
Mark encouraged the group to view the security-related events at the meeting through the prism of the near/middle/long term breakdown we have previously used to view our work. Discussion on this via the list is welcome...
- S.2360 (Internet Non-Discrimination Act of 2006) -
(To get a copy, go to http://thomas.loc.gov/ and search for S.2360...) Joe sent a note to the list 6-April on this topic. It appears that this bill will have significant impact if it passes. Will users or service providers be required to pay for acceptable (better? premium?) service levels from ISPs?
It was noted that some prominent figures formerly with the FCC have suggested that asking the legislature to solve a problem they don't clearly understand may not bode well. Overreaction is not warranted at this point, but it would be useful for us as an organization(s) to support providers who share our view of appropriate approaches to network services.