Re: [arch-d] Possible new IAB program on Internet trust model evolution
Guntur Wiseno Putra <gsenopu@gmail.com> Sat, 01 February 2020 05:07 UTC
Return-Path: <gsenopu@gmail.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D0F0012001A for <architecture-discuss@ietfa.amsl.com>; Fri, 31 Jan 2020 21:07:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z1nUn7B-82Bl for <architecture-discuss@ietfa.amsl.com>; Fri, 31 Jan 2020 21:07:06 -0800 (PST)
Received: from mail-oi1-x234.google.com (mail-oi1-x234.google.com [IPv6:2607:f8b0:4864:20::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 508DB120048 for <architecture-discuss@ietf.org>; Fri, 31 Jan 2020 21:07:06 -0800 (PST)
Received: by mail-oi1-x234.google.com with SMTP id q81so9574097oig.0 for <architecture-discuss@ietf.org>; Fri, 31 Jan 2020 21:07:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Sch8ub/dQod7KZ8ggFeUL9LyHaCtvPwqU/NqziGECJ0=; b=HvVkxhOlpZRUR4kti/t2m64zvSZY9p5SPresuXOSi5ZSzWol+hblrykAdRK2xNVQAu zETbvZiQIl6LxOBt+1AjtXR6VS5JGyKOFRXXVxFb5RyeMWA8/0b9q+dqMUbPgLYZRhAT doRiW5/PW1cxE2U5wDiKXFJW47TybArfmh+eRzNdtTWoFTxBVoOc0ErB6ONkNneufwiD oaWmTmrhFtHMG9nhrHB9X9FjlnbVOlDU/so7jKlg5PURxlOn3y8YhYk+wPt0kCRt/BIF y3O1ipJtMDgjimAdaL6PvHSHbK7RTuLXfblT2Xmi4vsSZUY3QUMDBl6JeEHTIXCdbwPi a+HA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Sch8ub/dQod7KZ8ggFeUL9LyHaCtvPwqU/NqziGECJ0=; b=ZmP8klKBFZoAAieGwAKkt1dHf4+kwElqwHQFKmN+CM8YPCJtk9oVO9ux9FlkViVCC4 1WZZJ4FfNjXgpGfDlombBMFmVIivT7r6AEJb0I56/O+pEoM36+mL6v6gyqnU2YIvekMH aWtB/UlslLLzh9DaI0HMM/TXuhmR5u/280yUmsbZgCTTmJ4+uPYEEHxf2eBjaiw1WekK /6rGEDAWTdpNQK2USAnyl68+6Nfx0No17vL0Psh913i36Kb0Qn/Xz+UF1yCHnrynxvmr uy0ErmwTkkhvhwO1E+9Z2XkEL5OXGWmZw2T2ymxrxYPuZShpfcpG5CySq9sRsUiP3vLx e6bA==
X-Gm-Message-State: APjAAAU+vBhx3CLtGI47dmgPq50CSBJBFDARmaFgStX70nzLdpQDop5B WQOzx8pWuepO/2uCoOPKllKwf0JZEUupqVQT2VI1QA==
X-Google-Smtp-Source: APXvYqyBasoZT0F1yA4t1BNYENYXg2BGKvSYtXqg9cP14SfDwbn6BHEQRbwti1XG6yvSn6IO5DlFMnmjRc4PcEBKEm0=
X-Received: by 2002:aca:f587:: with SMTP id t129mr6733739oih.143.1580533625548; Fri, 31 Jan 2020 21:07:05 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:6830:1155:0:0:0:0 with HTTP; Fri, 31 Jan 2020 21:07:04 -0800 (PST)
In-Reply-To: <CABcZeBOF33VQ6SNdWGV15hLhW370gEkx16AwYY3ft3jfL2=kLg@mail.gmail.com>
References: <E2D709DC-DD01-4946-B2F1-7EE0E101DEF0@piuha.net> <CABcZeBOF33VQ6SNdWGV15hLhW370gEkx16AwYY3ft3jfL2=kLg@mail.gmail.com>
From: Guntur Wiseno Putra <gsenopu@gmail.com>
Date: Sat, 01 Feb 2020 12:07:04 +0700
Message-ID: <CAKi_AEvPceibcFv97dj0Buv+zLOH6f2Lp6CSs++UMc9-LEsEng@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Jari Arkko <jari.arkko@piuha.net>, "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>, "model-t@iab.org" <model-t@iab.org>
Content-Type: multipart/alternative; boundary="0000000000004e7382059d7ca917"
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/ynnumdgAu2qQQwSpgCCGS_EYYM4>
Subject: Re: [arch-d] Possible new IAB program on Internet trust model evolution
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Feb 2020 05:07:09 -0000
Dear architecture-discuss, Parts concerning with "the Internet security" today at Internet Society: Internet Society 2020 Action Plan - We believe deeply that the Internet must be open, globally-connected, secure, and trustworthy. - In 2020, we will continue to work towards realizing our vision by building, promoting, and defending a bigger and stronger Internet. II. Strengthening the Internet -- Promoting the Internet way of networking -- Extending encryption -- Securing global routing -- Increasing time security -- Leading by example with open standards and protocols https://www.internetsociety.org/action-plan/2020/ 2020 Action Plan Projects Strengthening the Internet - Internet Way of Networking - Encryption - Securing Global Routing (MANRS) - Time Security - Open Standards Everywhere https://www.internetsociety.org/action-plan/2020/projects/ Regard, Guntur Wiseno Putra Pada Kamis, 30 Januari 2020, Eric Rescorla <ekr@rtfm.com> menulis: > > There is relatively broad agreement that the roles and trustwortiness > > of different endpoints in a protocol exchange are important > > considerations. In specific cases there may be quite different > > perspectives on the tradeoffs involved, e.g., to what extent privacy, > > information centralisation, or the needs of enterprise networks should > > be considered as the highest priority. And no doubt, other equally > > valid perspectives exist. > > Actually, it's not clear to me that *any* of these are valid > things to put in a threat model. Recall what 3552 says a threat > model is: > > A THREAT MODEL describes the capabilities that an attacker is assumed > to be able to deploy against a resource. It should contain such > information as the resources available to an attacker in terms of > information, computing capability, and control of the system. The > purpose of a threat model is twofold. First, we wish to identify the > threats we are concerned with. Second, we wish to rule some threats > explicitly out of scope. Nearly every security system is vulnerable > to a sufficiently dedicated and resourceful attacker. > > But none of the things you list are really part of a threat model. > > Rather, they are weights one applies to various design considerations, > but that's a consideration but that's a form of analysis that happens > *after* you have a threat model, not part of the threat model itself. > For instance, I don't think anyone thinks that privacy threats (e..g., > traffic analysis) aren't part of our threat model (and they're clearly > part of the 3552 threat model). Now, as a matter of protocol design, > we have often opted not to do much about these threats for practical > reasons, but that's a different matter. > > As Brian said, the purpose of 3552 is to force protocol designers > to describe the security properties of their protocols and the purpose > the threat model section is to provide a common starting point for > that analysis. IOW, it is an essentially tutorial function So to the > extent to which an update for 3552 is needed, its purpose should be to > make clear considerations which aren't otherwise obvious from the text > in 3552. But that's not about a new threat model or about balancing > but rather about documentation. > > -Ekr > > > > > On Fri, Jan 24, 2020 at 3:50 AM Jari Arkko <jari.arkko@piuha.net> wrote: > >> >> The IAB are considering starting up a programme on Internet >> trust model evolution as described in the link at the bottom of this >> email. >> >> We'd like to get feedback on that idea and the text. As you may >> be aware, in 2019 a number of documents were published on >> this topic and discussions held (on the mailing list, SAAG, side >> meeting at IETF-106, workshops, etc). There’s also a virtual >> meeting coming up on February 14th. >> >> To be clear, any output from this program would be text offered >> to the IETF for consideration - it is not within the IAB's remit, nor >> that of an IAB program, to modify a BCP. Nonetheless, an IAB >> program offers a good venue for this work, as it perhaps allows >> for more focus on the evolving architecture aspect within this space. >> >> The plan is for the new program to be entirely open for participation, >> similar to how the current work has already been. That is, the mailing >> list is open for all interested to join, meetings are open and listed >> in the public agendas. The IAB will find a chair or chairs for the >> group to stay organised. >> >> There's no specific deadline for this, but the IAB will consider this >> further in the next few weeks, so if you could take a few minutes >> to share your thoughts on this that'd be great. >> >> https://github.com/intarchboard/model-t-charter/ >> blob/master/model-t-charter-00.md >> https://www.iab.org/mailman/listinfo/model-t >> >> Stephen & Jari >> >> _______________________________________________ >> Architecture-discuss mailing list >> Architecture-discuss@ietf.org >> https://www.ietf.org/mailman/listinfo/architecture-discuss >> >
- [arch-d] Possible new IAB program on Internet tru… Jari Arkko
- Re: [arch-d] [Model-t] Possible new IAB program o… Joachim Fabini
- Re: [arch-d] Possible new IAB program on Internet… Brian E Carpenter
- Re: [arch-d] [Model-t] Possible new IAB program o… Eric Rescorla
- Re: [arch-d] [Model-t] Possible new IAB program o… Stephen Farrell
- Re: [arch-d] [Model-t] Possible new IAB program o… Eliot Lear
- Re: [arch-d] [Model-t] Possible new IAB program o… Ted Hardie
- Re: [arch-d] [Model-t] Possible new IAB program o… Bernard Aboba
- Re: [arch-d] [Model-t] Possible new IAB program o… Christian Huitema
- Re: [arch-d] [Model-t] Possible new IAB program o… Eliot Lear
- Re: [arch-d] [Model-t] Possible new IAB program o… Eric Rescorla
- Re: [arch-d] [Model-t] Possible new IAB program o… Eliot Lear
- Re: [arch-d] Possible new IAB program on Internet… Guntur Wiseno Putra
- Re: [arch-d] [Model-t] Possible new IAB program o… Vittorio Bertola
- [arch-d] Yes, building blocks ; -) Re: not buildi… Eliot Lear
- Re: [arch-d] [Model-t] Possible new IAB program o… Kathleen Moriarty
- Re: [arch-d] [Model-t] Possible new IAB program o… Joel M. Halpern
- Re: [arch-d] [Model-t] Possible new IAB program o… John C Klensin
- Re: [arch-d] [Model-t] Possible new IAB program o… Kathleen Moriarty
- Re: [arch-d] [Model-t] Possible new IAB program o… Brian E Carpenter
- Re: [arch-d] not building blocks (was: Re: [Model… Toerless Eckert
- Re: [arch-d] [Model-t] Possible new IAB program o… Stephen Farrell
- Re: [arch-d] not building blocks (was: Re: [Model… Eliot Lear
- Re: [arch-d] not building blocks (was: Re: [Model… Stephen Farrell
- Re: [arch-d] not building blocks (was: Re: [Model… Stephen Farrell
- Re: [arch-d] [Model-t] Possible new IAB program o… S Moonesamy
- Re: [arch-d] [Model-t] Possible new IAB program o… Kathleen Moriarty
- Re: [arch-d] [Model-t] Possible new IAB program o… Bernard Aboba
- Re: [arch-d] Possible new IAB program on Internet… Toerless Eckert
- Re: [arch-d] [Model-t] Possible new IAB program o… Watson Ladd
- Re: [arch-d] [Model-t] Possible new IAB program o… Eliot Lear
- Re: [arch-d] Possible new IAB program on Internet… Jari Arkko
- Re: [arch-d] [Model-t] Possible new IAB program o… Jari Arkko
- Re: [arch-d] [Model-t] Possible new IAB program o… Toerless Eckert
- Re: [arch-d] [Model-t] Possible new IAB program o… Robin Wilton
- Re: [arch-d] Possible new IAB program on Internet… Guntur Wiseno Putra
- Re: [arch-d] [Model-t] Possible new IAB program o… Eliot Lear
- Re: [arch-d] Possible new IAB program on Internet… Guntur Wiseno Putra
- Re: [arch-d] Possible new IAB program on Internet… Eric Rescorla
- Re: [arch-d] Possible new IAB program on Internet… Guntur Wiseno Putra