Re: Requesting comments on draft-cheney-safe-02.txt
"Cheney, Edward A SSG RES USAR USARC" <austin.cheney@us.army.mil> Sat, 08 August 2009 05:16 UTC
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n785GoBY023579 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 7 Aug 2009 22:16:50 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n785Gon4023578; Fri, 7 Aug 2009 22:16:50 -0700 (MST) (envelope-from owner-ietf-smtp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from mxoutps1.us.army.mil (mxoutps1.us.army.mil [143.69.250.38]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n785Gn1w023571 for <ietf-smtp@imc.org>; Fri, 7 Aug 2009 22:16:50 -0700 (MST) (envelope-from austin.cheney@us.army.mil)
DomainKey-Signature: s=ako; d=us.army.mil; c=nofws; q=dns; h=From:X-AKO:X-IronPort-AV:Received:Received:To:Cc: Message-ID:Date:X-Mailer:MIME-Version:Content-Language: Subject:X-Accept-Language:Priority:In-Reply-To:References: Content-Type:Content-Disposition: Content-Transfer-Encoding; b=E1KNovYL+D7x0rjLzmUjzdUtoyPDiQIHycoJ+7wYPqtRamLGSigjIctC S270ZAzppZD2n3Zxe6LZUwV//D+WrQ==;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=us.army.mil; i=austin.cheney@us.army.mil; q=dns/txt; s=akodkim; t=1249708610; x=1281244610; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20"Cheney,=20Edward=20A=20SSG=20RES=20USAR=20USARC "=20<austin.cheney@us.army.mil>|Subject:=20Re:=20Requesti ng=20comments=20on=20draft-cheney-safe-02.txt|Date:=20Sat ,=2008=20Aug=202009=2009:16:49=20+0400|Message-ID:=20<f73 2828f180f6.4a7d4281@us.army.mil>|To:=20John=20C=20Klensin =20<john+smtp@jck.com>|Cc:=20Rich=20Kulawiec=20<rsk@gsp.o rg>,ietf-smtp@imc.org|MIME-Version:=201.0 |Content-Transfer-Encoding:=207bit|In-Reply-To:=20<FFFD90 66BE1617C943428AF6@PST.JCK.COM>|References:=20<f6fecbd18a f7.4a721c99@us.army.mil>=0D=0A=20<4A720D35.1000306@cybern othing.org>=0D=0A=20<f6e091e580a6.4a7258af@us.army.mil> =20<20090807100147.GA16131@gsp.org>=0D=0A=20<FFFD9066BE16 17C943428AF6@PST.JCK.COM>; bh=LZtThaaeMI/ytTyM/dUEkjDe8hrQZiP01Y/rHU8vJI4=; b=OgJNTKzEYiqdXxYsp9QKanA41eExaLWODLE3S8jzlDbfidZNvMhMx/Vp QppnoYnzzmCO/NO0lrnLJ3veKYwkFSI19ajx5+fwZnXpsMM3VPZB9KUFv yuxNTAimX64AGA30OfL3NCSUDEeEKWDKow6FTV1NHJ9NuZ87cvhUijTY0 U=;
From: "Cheney, Edward A SSG RES USAR USARC" <austin.cheney@us.army.mil>
X-AKO: 100437563:10.224.29.21:08 Aug 2009 05:16:49 +0000:$Webmail:None
X-IronPort-AV: E=Sophos;i="4.43,345,1246838400"; d="scan'208";a="100437563"
Received: from lb2pip21.int.ps1.us.army.mil (HELO us.army.mil) ([10.224.29.21]) by mxoutps1.us.army.mil with ESMTP; 08 Aug 2009 05:16:49 +0000
Received: from [10.101.32.171] (Forwarded-For: 214.13.1.73, [10.101.32.171]) by mail15.int.ps1.us.army.mil (mshttpd); Sat, 08 Aug 2009 09:16:49 +0400
To: John C Klensin <john+smtp@jck.com>
Cc: Rich Kulawiec <rsk@gsp.org>, ietf-smtp@imc.org
Message-ID: <f732828f180f6.4a7d4281@us.army.mil>
Date: Sat, 08 Aug 2009 09:16:49 +0400
X-Mailer: Sun Java(tm) System Messenger Express 6.3-6.03 (built Mar 14 2008; 32bit)
MIME-Version: 1.0
Content-Language: en
Subject: Re: Requesting comments on draft-cheney-safe-02.txt
X-Accept-Language: en
In-Reply-To: <FFFD9066BE1617C943428AF6@PST.JCK.COM>
References: <f6fecbd18af7.4a721c99@us.army.mil> <4A720D35.1000306@cybernothing.org> <f6e091e580a6.4a7258af@us.army.mil> <20090807100147.GA16131@gsp.org> <FFFD9066BE1617C943428AF6@PST.JCK.COM>
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
John, In addition to my reply to Rich I want to address the cost of doing business with regard to security mitigation. For a moment I would like to jump to another more email centric example: SPAM. SPAM can be easily mitigated using the latest email server software and performing the best current procedures to minimize the impact of SPAM upon an organizations systems and users. Even after all possible efforts are considered SPAM can still get through. If SPAM does not get through it still consumes bandwidth across networking devices and bandwidth on the email server. SPAM mitigation costs CPU cycles on email servers that could be used for other more productive tasks. Those wasted CPU cycles increase load, which is a management concern for server load balancing and power distribution costs in a server farm. No matter what we do and even if no SPAM gets through to the end user the administrator has still spent time, money, and resources to defend their network. From the perspective of a project manager or a business owner that is funding that could be invested to grow the business if not wasted on mitigation. That is additional personnel and equipment that could be retasked to perform other operations to make the organization more productive and competitive. At the end of the day the final business result is additional costs. Security vulnerabilities, much like SPAM, are a high cost and a drain on any organization. Even if mitigation completely eliminated 100% of the problem 100% of the time it still comes at a cost, a cost that is unnecessary if those vulernabilities were eliminated. If I were a key decision maker in the investment of business assets across a large organization I would want to eliminate costs to the business as much as possible. If there are positive benefits associated with, but not directly related to, those cost savings that is simply an unintended business benefit even if the technology benefits are intentional. In summary, after all technology decisions and impacts are considered at the end of the process will this result in a savings to business. I believe it will result in an astounding cost savings if a significant majority of reported vulnerabilities could be either eliminated or substantially reduced. Thank you, Austin
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Peter J. Holzer
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Alessandro Vesely
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… J.D. Falk
- Requesting comments on draft-cheney-safe-02.txt Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Rich Kulawiec
- Re: Requesting comments on draft-cheney-safe-02.t… Rich Kulawiec
- Re: Requesting comments on draft-cheney-safe-02.t… Rich Kulawiec
- Re: Requesting comments on draft-cheney-safe-02.t… Steve Atkins
- Re: Requesting comments on draft-cheney-safe-02.t… Dave CROCKER
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: [AKO Warning - Message fails DKIM verificatio… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… John C Klensin
- Re: [AKO Warning - Message fails DKIM verificatio… Cheney, Edward A SSG RES USAR USARC
- Re: [AKO Warning - Message fails DKIM verificatio… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… John R Levine
- Re: [AKO Warning - Message fails DKIM verificatio… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Willie Gillespie
- Re: [AKO Warning - Message fails DKIM verificatio… John Levine
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: [AKO Warning - Message fails DKIM verificatio… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… J.D. Falk
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… John C Klensin
- Re: Requesting comments on draft-cheney-safe-02.t… Rich Kulawiec
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Robert A. Rosenberg
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Willie Gillespie
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… Peter J. Holzer
- Re: Requesting comments on draft-cheney-safe-02.t… Steve Atkins
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Cheney, Edward A SSG RES USAR USARC
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… Hector Santos
- Re: Requesting comments on draft-cheney-safe-02.t… SM