Security & Trust Meeting 2010-09-09

From Direct Project
Jump to navigation Jump to search
Notes from Security and Trust Meeting
Date: September 9, 2010
Time: 2pm-3pm
Attendees: Tim Andrews, Brian Behlendorf, Mike Berry, Didi Davis, Mike Davis, Erik Horstkotte, David Houlding, Dave Juntgen, Arien Malec, John Moehrke, Konda Mullapudi, Sean Nolan, Jack Ousey, Patrick Pyette, Nick Radov, Jas Singh, Ioana Singureanu

Current Actions

#
 Date
 Action
 Status
 Owner
 Due Date
49
 2010/08/26
 Create a one page document further explaining the LDAP issue to be submitted to the Security and Trust WG at large for approval
 Open
 John Moehrke
 2010/09/02
51
 2010/08/26

Bring following items up for consensus vote in WG:

 Open
(Extended)
 Sean Nolan
 2010/09/02
57
 2010/09/09

Explore participation in the IHE North America Connectathon 2011 and a demo for the 2011 HIMSS Annual Conference

 Open
 Arien Malec, Didi Davis
 On-going
58
 2010/09/09
 Coordinate preparation of an XDD Threat Model (when time is appropriate)
 Open
 Sean Nolan
 On-going
59
 2010/09/09

Bring the Content Security for Simple Health Transport specification to the attention of the Documentation and Testing WG

  • Suggest that this become a comprehensive transport spec for the Direct Project
 Open
 John Moehrke
 2010/09/15



Last Week's Actions

#
 Date
 Action
 Status
 Owner
 Due Date
49
 2010/08/26
 Create a one page document further explaining the LDAP issue to be submitted to the Security and Trust WG at large for approval
 Open
 John Moehrke
 2010/09/02
51
 2010/08/26

Bring following items up for consensus vote in WG:

 Open
(Extended)
 Sean Nolan
 2010/09/02
52
 2010/09/02
 Update the threat model diagrams to state "messaging client" instead of "SMTP" where necessary
 CLOSED
 John Moehrke, Sean Nolan
 2010/09/09
53
 2010/09/02

Draft the risks for Arc 1 and Arc 12 as identified by WG brainstorm:

  • Mal-intentioned perpetrators trying to connect
  • Clear text on both sides
  • Improper signing / bouncing issue
  • Middle man poisoning clarification
  • DNS spoof (Risk 2)
  • A client is trying to send data on behalf of a valid user
  • SMTP authentication/Mutual TLS issue clarification
 CLOSED
 Sean Nolan, John Moehrke
 2010/09/09
54
 2010/09/02
 Projected: Outline possible threat model for edge protocols to be included in XDD specification
 CLOSED
 John Moehrke
 2010/09/16
55
 2010/09/02

Update CERT Distribution Statement in the Content Security for Simple Health Transport spec

 CLOSED
 Sean Nolan
 2010/09/09
56
 2010/09/02

Address Brett Peterson's question about the E attribute of a DN

 CLOSED
 Umesh Madan
 2010/09/09


Agenda

  1. Review of actions from previous meeting
  2. Discussion based on Issue Framing
  3. Review of actions and decisions


Update

Sean Nolan


Round the Room

Sean Nolan

  • Asked the WG if they believe an XDD threat model should be prepared
    • Conducted in a "round the room" format
  • Summary:
    • Responded Yes: 7
      • Didi Davis, John Moehrke, Tim Andrews, Pat Pyette, Dave Juntgen, Arien Malec & Brian Behlendorf
    • Responded No: 0
    • No Comment: 6
      • Nick Radov, David Houlding, Ioana Singureanu, Mike Berry, Konda Mullapudi & Jack Ousey

Nick Radov

  • No comment

Didi Davis

  • Responded Yes

John Moehrke

  • Responded Yes
    • Suggested waiting until the following have been sufficiently developed
      • XDD specification
      • XDD component for the reference implementations

Tim Andrews

  • Responded Yes
    • Echoed John Moehrke's comment

Pat Pyette

  • Responded Yes
    • Echoed John Moehrke's comment

David Houlding

  • No comment

Dave Juntgen

  • Responded Yes
    • Echo John Moehrke's comment

Arien Malec

  • Responded Yes
    • Echoed John Moehrke's comment
  • Also suggested the following
    • Add transformation to the threat model
    • Reuse the XDR security consideration in our XDD threat model

Brian Behlendorf

  • Responded Yes
    • Echoed John Moehrke's and Arien Malec's comments

Ioana Singureanu

  • No comment

Jack Ousey

  • No response

Mike Berry

  • Introduced himself on behalf of HLN Consulting
    • Paternity leave
  • No comment
    • Would comment next week

Konda Mullapudi

  • No comment

Sean Nolan

  • Commented that the round's results were "pretty clear"
  • Stated that he will ask the XDD folks when they believe the code is ready


Open Discussion

Arien Malec

  • Commented on the status of the XDD specification
    • Held two meetings so far on defining: (1) levels of metadata, (2) soap headers, etc.
    • Good shape to close out a first round draft
    • Aim to hold one more meeting on Friday
  • Added that they have already submitted an item of concern to IHE
    • Plan to eventually submit a proposed solution to IHE as well

John Moehrke

  • Shared comments with respect to the September Connect-a-thon
    • Will be very developer focused
      • Would be useful for Direct to take advantage of this opportunity
      • Even though it is not a formal part of the Connect-a-thon
    • Suggested conducting some NHIN conversions there
      • Co-residents will create cross-pollination
    • Future planned code-a-thons will also provide opportunities for this
  • Stated there are many informal positives

Didi Davis

  • Shared comments with respect to the September Connect-a-thon
    • These meetings always put together items for "new directions"
    • Can take lessons learned there from the Documentation and Testing WG
  • Highlighted the 2011 HIMSS Annual Conference
    • February 20-24, 2011 - Orange County Convention Center in Florida
    • The conference hosts an Interoperability Showcase
      • Could be useful if Direct wanted to conduct a visible demo
      • Could plug into the greater developer community
  • In preparation for HIMSS, Direct could also participate in the IHE North America Connectathon 2011
    • January 17-21, 2011 - Hyatt Regency in Chicago
    • Large-scale interoperability testing event
      • Could test Direct project's specs there
        • In development by the Documentation and Testing WG

John Moehrke

  • Agreed with Didi Davis' comments

Arien Malec

  • Responded that this is a good point and will take a lead
    • Would like to have it presented there as well
    • Currently relying on the IHE folk
  • Asked Jas Singh to put this in the actions tracker

John Moehrke

  • Clarified that he already updated the diagram for the Threat Model - Simple SMTP
  • Added that he made some edits to the Content Security for Simple Health Transport spec
    • Made a change in conformance claims section
    • Also made a change in the security considerations section
      • Brought in those frequently asked riffs
  • Asked about the SMTP in the Content Security for Simple Health Transport spec
  • Recommended that the Documentation and Testing WG take a look at the spec
    • The Security and Trust WG has already covered the security elements
    • Specifically recommends that they make it more of a holistic spec

Sean Nolan

John Moehrke

  • Clarified that the spec has non-security components in it that are appropriate
    • Work that the Documentation and Testing WG can take on
  • Suggested calling it/transforming it into a comprehensive "NHIN Direct Specification"

Ioana Singureanu

  • Asked if the specification was only limited to the edge protocol and SMTP

Sean Nolan

  • Responded that yes, but that is primarily what NHIN Direct is addressing
  • Asked John Moehrke to make the recommendation at the next Documentation and Testing WG
    • John Moehrke agreed to carry the recommendation
  • Sean Nolan will be adding some items regarding MDNs to the spec therefore

John Moehrke

  • Added that there needs to be a way to document the security agent
  • Asked how does the agent mix it?

Sean Nolan

  • Pointed to the recommendation to make this document the overall transport spec
    • Separately extract appropriate content to an agent design

John Moehrke

  • Agreed to bring that up then to the Documentation and Testing WG

Sean Nolan

  • Asked the WG to once more review the threat models
Retrieved from "https://directproject.mywikis.wiki/w139/index.php?title=Security_%26_Trust_Meeting_2010-09-09&oldid=727"