Re: [Model-t] What is "real ends"

Mark O <Mark.O@ncsc.gov.uk> Thu, 08 August 2019 17:40 UTC

From: Mark O <Mark.O@ncsc.gov.uk>
To: "model-t@iab.org" <model-t@iab.org>
Date: Thu, 08 Aug 2019 17:40:06 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/zx4AIluXZt0bCOBbl3bFb0zAE44>
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>

> Can you explain further or give some examples of "real ends" ?

Thomas,

There is a recent draft, draft-mcfadden-smart-endpoint-taxonomy-for-cless-00, that attempts to categorise different types of endpoints. Different classes of endpoint may have very different threat landscapes - a server or a PC has a very different attack surface than an industrial sensor or a personal fitness tracker, but all could be considered to be "real ends".

The endpoint taxonomy draft is related to draft-taddei-smart-cless-introduction-01, which seeks to define the Capabilities and Limitations of Endpoint-only Security Solutions. There are sections in this draft which describe various actual attacks and how they have been detected. Some of this content would be highly relevant to the discussion of a revised Internet threat model.

-- Mark


Thomas Hardjono <hardjono@mit.edu> wrote:


Jari,

Section 4 of draft-arkko-arch-internet-threat-model-01 talks about "real ends":


   But the details matter.  What is considered an endpoint?  What
   characteristics of Internet are we trying to optimize?  This memo
   makes the argument that, for security purposes, there is a
   significant distinction between actual endpoints from a user's
   interaction perspective (e.g., another user) and from a system
   perspective (e.g., a third party relaying a message).

   This memo proposes to focus on the distinction between "real ends"
   and other endpoints to guide the development of protocols.  A
   conversation between one "real end" to another "real end" has
   necessarily different security needs than a conversation between,
   say, one of the "real ends" and a component in a larger system.  The
   end-to-end argument is used primarily for the design of one protocol.
   The security of the system, however, depends on the entire system and
   potentially multiple storage, compute, and communication protocol
   aspects.  All have to work properly together to obtain security.


Can you explain further or give some examples of "real ends" ?


Thanks.

-- thomas --
