Re: [Model-t] What is "real ends"

Thomas Hardjono <hardjono@mit.edu> Wed, 14 August 2019 14:05 UTC


Thanks Mark — let me read that draft first.

— thomas —




________________________________________
From: Model-t [model-t-bounces@iab.org] on behalf of Mark O [Mark.O=40ncsc.gov.uk@dmarc.ietf.org]
Sent: Thursday, August 8, 2019 1:40 PM
To: model-t@iab.org
Subject: Re: [Model-t] What is "real ends"

> Can you explain further or give some examples of "real ends" ?

Thomas,

There is a recent draft, draft-mcfadden-smart-endpoint-taxonomy-for-cless-00, that attempts to categorise different types of endpoints. Different classes of endpoint may have very different threat landscapes - a server or a PC has a very different attack surface than an industrial sensor or a personal fitness tracker, but all could be considered to be "real ends".

The endpoint taxonomy draft is related to draft-taddei-smart-cless-introduction-01, which seeks to define the Capabilities and Limitations of Endpoint-only Security Solutions. There are sections in this draft which describe various actual attacks and how they have been detected. Some of this content would be highly relevant to the discussion of a revised Internet threat model.

-- Mark


Thomas Hardjono <hardjono@mit.edu> wrote:


Jari,

Section 4 of draft-arkko-arch-internet-threat-model-01 talks about "real ends":


   But the details matter.  What is considered an endpoint?  What
   characteristics of Internet are we trying to optimize?  This memo
   makes the argument that, for security purposes, there is a
   significant distinction between actual endpoints from a user's
   interaction perspective (e.g., another user) and from a system
   perspective (e.g., a third party relaying a message).

   This memo proposes to focus on the distinction between "real ends"
   and other endpoints to guide the development of protocols.  A
   conversation between one "real end" to another "real end" has
   necessarily different security needs than a conversation between,
   say, one of the "real ends" and a component in a larger system.  The
   end-to-end argument is used primarily for the design of one protocol.
   The security of the system, however, depends on the entire system and
   potentially multiple storage, compute, and communication protocol
   aspects.  All have to work properly together to obtain security.


Can you explain further or give some examples of "real ends" ?


Thanks.

-- thomas --




