Re: [lisp] Stephen Farrell's No Objection on draft-ietf-lisp-threats-14: (with COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 22 January 2016 12:28 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAF981A1B25; Fri, 22 Jan 2016 04:28:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2D3BrUQ4FWAe; Fri, 22 Jan 2016 04:28:34 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 019971A1B24; Fri, 22 Jan 2016 04:28:34 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id CD161BEA1; Fri, 22 Jan 2016 12:28:31 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G5WU8tfE1Flq; Fri, 22 Jan 2016 12:28:31 +0000 (GMT)
Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 220E5BE9A; Fri, 22 Jan 2016 12:28:31 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1453465711; bh=xywBQUtZ3/aUnfKfTU0/As7Lj2mMY4Ef99ImYAIhBGA=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=dBkHYHKlVwr11gkrAAJVzMnxqbWfi6ahsSQl6YsO7h3ZTcfUdnrqoIVTJYqiaUzNi Zbb4cOn0ro2ie90R8ekL2J/i0sodD+Dvdlwrjbjv+O8/gXtriak/Z06ohAL5PFFMkN P6PyiBjgTdXWkXSfAC6IzJzu/ADDmZ8JX3DdFrlo=
To: Luigi Iannone <ggx@gigix.net>
References: <20160119120720.15029.11215.idtracker@ietfa.amsl.com> <569E4D30.5050807@joelhalpern.com> <569E4EB1.2060807@cs.tcd.ie> <DD9EECBA-7EF6-4E29-8C53-D8A3398CA4CF@gigix.net> <569F9DDF.2060103@cs.tcd.ie> <67542A5F-0A29-4216-A1EA-55D329C5D136@gigix.net>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56A2206E.7070305@cs.tcd.ie>
Date: Fri, 22 Jan 2016 12:28:30 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <67542A5F-0A29-4216-A1EA-55D329C5D136@gigix.net>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/lisp/YagJeWcHiWlDikZLGgBo1sraT6I>
Cc: draft-ietf-lisp-threats@ietf.org, lisp@ietf.org, The IESG <iesg@ietf.org>, lisp-chairs@ietf.org
Subject: Re: [lisp] Stephen Farrell's No Objection on draft-ietf-lisp-threats-14: (with COMMENT)
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2016 12:28:36 -0000

Hi Luigi,

Just on this bit, the rest is fine...

On 22/01/16 12:15, Luigi Iannone wrote:
> What about the following:
> 
> 
> 	Attackers can be classified according to the following four modes of
>   	operation, i.e., the temporal and spacial diversity of the attacker.
> 	These modes are not mutually exclusive, they can be used by 
> 	attackers in any combination, and other modes may be discovered 
> 	in the future.

There is a tendency for folks who read documents like this
that set out N kinds of attack(er) to never consider that
there may be an N+1th kind of attack(er). It's that that
I'm suggesting we make clear.

So I'd go more for:

"
In this document we have classified attackers according to
their modes of operation, i.e., the temporal and spacial
diversity of the attacker. These modes are not mutually
exclusive, they can be used by attackers in any combination,
and other modes may be discovered in the future. And of
course attackers are not at all bound by our classification
scheme, so implementers and those deploying will always need
to do additional risk analysis for themselves.
"

But again, that's just a suggestion, feel free to take it
or leave it.

Cheers,
S.