Skip to end of metadata
Go to start of metadata

AD-Assurance Notes from May 10

Lee Amenya, UCSD
David Walker, InCommon/Internet2 
Eric Goodman, UCOP
Brian Arkills, UWash
Michael Brogan, UWash
Eric Coleman, U of IL
Ann West, I2/InC (scribe)

Next Call

May 17 at Noon ET
+1-734-615-7474 PREFERRED
+1-866-411-0013
0195240#

Agenda: Discuss Monitor and Mitigate AM; Eric G's first cut at Cookbook content review.

Action Items

  • David to review the IAP and determine where RC4 is an issue. Specifically 4.2.8.2.1 and 2, and 4.2.5.3.
  • Ann will update the  Questions for Microsoft to reflect the RC4 and NTLM v1 and v2 questions.
  • Brian/Ann to contact Microsoft to arrange a meeting with another contact,
  • All to review the monitor and mitigate AM
  • Brian to clarify whether one can tell the difference between NTLM v1 and v2 in the logs. 
  • Eric to take a first cut at reviewing the Cookbook and develop recommendations for what to keep, cut, and edit.

Notes

Dean Wells couldn't make the call due to a new child arrival in the family. Ann/Brian will try to find another Microsoft contact to loop in.

For next steps, the group identified finishing the monitor and mitigate alternative means and updating the cookbook as key action items in the interim. 

  • Alternative Means requirements outlines InCommon's process for submitting AM. David/Ann will review the current Monitor and Mitigate draft and update the format for submission to the AAC. ALL to review the content. 
  • Updating the cookbook - Eric will take a first cut at reviewing the Cookbook and develop recommendations for what to keep, cut, and edit.

Outstanding issues

  • The group identified RC4 as the primary issue for Microsoft. 
  • To submit the AM, we need to determine if we can tell the difference between NTLM v1 and v2 in the logs. 
  • Ann will update the questions to reflect these top priorities.
  • No labels