Re: [lisp] Stephen Farrell's No Objection on draft-ietf-lisp-threats-14: (with COMMENT)

Luigi Iannone <ggx@gigix.net> Fri, 22 January 2016 13:49 UTC

Return-Path: <ggx@gigix.net>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EE1E1A6FA0 for <lisp@ietfa.amsl.com>; Fri, 22 Jan 2016 05:49:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o1BhTp_S7hHn for <lisp@ietfa.amsl.com>; Fri, 22 Jan 2016 05:49:10 -0800 (PST)
Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B34031A6F9E for <lisp@ietf.org>; Fri, 22 Jan 2016 05:49:08 -0800 (PST)
Received: by mail-wm0-x22c.google.com with SMTP id n5so133055473wmn.0 for <lisp@ietf.org>; Fri, 22 Jan 2016 05:49:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gigix-net.20150623.gappssmtp.com; s=20150623; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=+BstR1WW/XCrG/fINEmBEHcW5C7nrHutWGEnELdDSco=; b=16v1UslLPx+8x45O+3T2mme21ajLEzxkdepU0XfrOROwc8zPsynI1wzHYT1wl/DLR7 3n7vArbmJL2Pn3tRT9xFhGXzrIrZwkMtJ+f1bD6QOsmMZzl7OkDxK2/Zx1cMj/G2StCc rZAlyQVtJE9YRAUc9pXej1lrDJ7k4fvVCZPgCrJhCFzkXk70F/Rv7tk4j8EZ7wlHkrnH 4jERAx8GnLxU9qLIeF+Xgw51zVHXJhe9Ssn24eznEaJgQTQ9saJc2gZCWgmXWVjbfkUK MEGei3xLY+ix5NigQrA74K/GR9BCugsJzW6U2fe4oPtdp49m1iPa987o71YUgBdjpsC0 RqZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=+BstR1WW/XCrG/fINEmBEHcW5C7nrHutWGEnELdDSco=; b=g7a+UgAOa1waxnWCJb80Qu/2c2YfTqbCSyOWI/tk/edPh2aYO2jbxZhCumDKgt03W2 Yp5RKQyc4Qu2qxCcdYXBVmuvzPThCxK7WJIVooXnW8NNEM6PW0c/kIesa38giPP0Kq6O VsmWOpFobvRSyqlnNjyyqG9LMFd2BGuDz9H+x8X5mrwqPhqp9lap6+9DcU80IGwKy0pi yAGcXTqCRrqyhOe0JSON+EdkXrTaHnMLSSiJje4cO1kDGyI0oyXCpuZP6tZFUUkCdaD2 A/qFad0rrIOkN+NONMF2oexSlJ5yoc86Eui9tIINuxMMKZHngx393en0N78w/eeihUBy sKnA==
X-Gm-Message-State: AG10YOTvfmmkSU8KuMQT127sXNntLRzHwD/Ag/lBwq9cH7htNagaokVaOd28UicOH4CO7g==
X-Received: by 10.194.133.164 with SMTP id pd4mr3832619wjb.133.1453470547319; Fri, 22 Jan 2016 05:49:07 -0800 (PST)
Received: from ?IPv6:2001:660:330f:a4:adc3:e949:4c2:4b5a? ([2001:660:330f:a4:adc3:e949:4c2:4b5a]) by smtp.gmail.com with ESMTPSA id y188sm3028297wmy.11.2016.01.22.05.49.05 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 22 Jan 2016 05:49:05 -0800 (PST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
From: Luigi Iannone <ggx@gigix.net>
In-Reply-To: <56A2206E.7070305@cs.tcd.ie>
Date: Fri, 22 Jan 2016 14:49:07 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <49CC4D66-83C6-4378-9DCE-77FB9F212125@gigix.net>
References: <20160119120720.15029.11215.idtracker@ietfa.amsl.com> <569E4D30.5050807@joelhalpern.com> <569E4EB1.2060807@cs.tcd.ie> <DD9EECBA-7EF6-4E29-8C53-D8A3398CA4CF@gigix.net> <569F9DDF.2060103@cs.tcd.ie> <67542A5F-0A29-4216-A1EA-55D329C5D136@gigix.net> <56A2206E.7070305@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.3112)
Archived-At: <http://mailarchive.ietf.org/arch/msg/lisp/rcrSOtpic5RZyx9twLYrWPSHX6o>
Cc: draft-ietf-lisp-threats@ietf.org, lisp@ietf.org, The IESG <iesg@ietf.org>, lisp-chairs@ietf.org
Subject: Re: [lisp] Stephen Farrell's No Objection on draft-ietf-lisp-threats-14: (with COMMENT)
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2016 13:49:11 -0000

Hi Stephen,

I am fine with the text you are proposing.
Doing additional risk analysis was obvious for me, but it does not harm to spell it out. ;-)

I will include your text thanks a lot.

ciao

L.


> On 22 Jan 2016, at 13:28, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Hi Luigi,
> 
> Just on this bit, the rest is fine...
> 
> On 22/01/16 12:15, Luigi Iannone wrote:
>> What about the following:
>> 
>> 
>> 	Attackers can be classified according to the following four modes of
>>  	operation, i.e., the temporal and spacial diversity of the attacker.
>> 	These modes are not mutually exclusive, they can be used by 
>> 	attackers in any combination, and other modes may be discovered 
>> 	in the future.
> 
> There is a tendency for folks who read documents like this
> that set out N kinds of attack(er) to never consider that
> there may be an N+1th kind of attack(er). It's that that
> I'm suggesting we make clear.
> 
> So I'd go more for:
> 
> "
> In this document we have classified attackers according to
> their modes of operation, i.e., the temporal and spacial
> diversity of the attacker. These modes are not mutually
> exclusive, they can be used by attackers in any combination,
> and other modes may be discovered in the future. And of
> course attackers are not at all bound by our classification
> scheme, so implementers and those deploying will always need
> to do additional risk analysis for themselves.
> "
> 
> But again, that's just a suggestion, feel free to take it
> or leave it.
> 
> Cheers,
> S.