Hi Linda, Please see my response inline: From: Linda Dunbar Sent: Saturday, March 25, 2017 4:46 PM To: Xialiang (Frank); Linqiushi (Jessica, SCC) Cc: [email protected] Subject: questions to draft-xia-i2nsf-security-policy-object-00
Frank and QiuShi, Is it possible add some examples on using those objects in a policy? Showing how those objects make policy description easier? [Frank]: good point, we will update it in next version. Use "Application Object" as an example, can you list some possible values for the "applicationCategory attribute"? and demonstrate how those values are used? [Frank]: see the following examples, and of course, will reflect them in the next version draft: Application Object | +---applicationName | +---applicationCategory e.g., general, network application | +---applicationSubCategory e.g., search engine, electronic commerce | +---applicationTransmissionModel e.g., client/server, peer-to-peer | +---applicationLabel e.g., database, http-based | +---applicationRiskLevel e.g., 5 risk levels Is it valuable to include a recommended policy profile when those applications are located in different places? e.g. when those applications are migrated to a 3rd party cloud dc, what are the recommended security policies to be applied to them? [Frank]: I think these contents are valuable to clarify their usefulness. We will consider how to achieve this goal, maybe an appendix for it is appropriate. B.R. Frank Thank you very much. Linda
_______________________________________________ I2nsf mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2nsf
