Re: [Model-t] model-t@iab.org list description
Watson Ladd <watsonbladd@gmail.com> Sat, 03 August 2019 22:14 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5C5B120146 for <model-t@ietfa.amsl.com>; Sat, 3 Aug 2019 15:14:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1KjbrYJQbDfw for <model-t@ietfa.amsl.com>; Sat, 3 Aug 2019 15:14:47 -0700 (PDT)
Received: from mail-lj1-x241.google.com (mail-lj1-x241.google.com [IPv6:2a00:1450:4864:20::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 257E9120148 for <model-t@iab.org>; Sat, 3 Aug 2019 15:14:47 -0700 (PDT)
Received: by mail-lj1-x241.google.com with SMTP id t28so76025328lje.9 for <model-t@iab.org>; Sat, 03 Aug 2019 15:14:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=QOxrwI73Y9dc9Wuwn6hLwDnMbv2IbazyyAK5SckUU5M=; b=KaLtEwIBgkNuvOCRigQpZj59EAs/9Oe4rWgGiHxFeBirmqC8iUgOoseFU7KY4FyoZ7 F2FrNDPhnlcZbGG/lrZOcuWnHgb2Wpm0H+EjRiEoW63WbCSE+0L/6I8vrdevgpPPX++K w3LdjY6c+hHLy7MaplOz5P2mekGrC4at+Dew+MEMr2YUsUeq9WBEUS3ZbWyUmaD8B9Gm 5Y5YZEbvYwdPhs6D1yr1K9XPrldGn5CbnEOG0sis3+b/T51jsMHf4DicK3/fkHlVkJSj lSHHLGIRliucnyheuMPre5yQKtKuDdQbrWdHTrMeCsaRNoyoyp1/4HRZsjSVUELswbq/ ffhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=QOxrwI73Y9dc9Wuwn6hLwDnMbv2IbazyyAK5SckUU5M=; b=cSVR8Lj9cssJfyAtkTjeLXxkaH5prlTYkyqjC8nsq4HVslMLeW/PGejn7Qi2xLFO0s HmyQywuLYSnr3TayazuBnehJMqo7KEYl55rrb848cgeaSZ9ulBIw6eor8e019MYhqTsb VLAhiGSE2sb993J4KCcNSNzgv03pV36quQi57oHUsNu+FaDlfXqwY+UdrCu6DR78Uq5K ktG8+pfMv1XfpM2C9P4OeXkDasnKNg9pfjP4pPB6BZkTiyFhRh6dWgb8IZDPrSjW4MJw N3fDoixVJqBBpBPdjTAXwH/Uu7EbvPWzA7mEQrF8wPLZlLYWrkW3qY6cFxXOs3xMKaZU s6Yg==
X-Gm-Message-State: APjAAAVVCg7kRQKs+q6U/PQV5N+htX327O7DP2+YN7Gsgqexid7INmrl PARoo9L/JUO5wynhQ+kVBc/uRF3h4q3aUd1b86Y=
X-Google-Smtp-Source: APXvYqy6JSbWTCKCuIMFWamRJEPIR6sarkbcfSRDSNQJqr7u6MddZN1KI10Z0fxwBHZ7dN1uuo2fG6sobOfkO3/2Rrc=
X-Received: by 2002:a2e:890a:: with SMTP id d10mr74971905lji.145.1564870485268; Sat, 03 Aug 2019 15:14:45 -0700 (PDT)
MIME-Version: 1.0
References: <c3a112ba-baab-1cb0-97ad-21ff9999a637@cs.tcd.ie> <29756028-95f1-e6e5-b3ea-562cbc635df0@sandelman.ca> <5ef15ad2-5b20-e871-0d01-17cf906051c1@cs.tcd.ie> <22633.1564768705@localhost> <e7c02d44-353f-406c-818e-06a2e49ee212@www.fastmail.com> <5879878A-7CEA-4030-BB72-108CC4122719@gmail.com> <d253231a-d35d-e7c9-e3ae-5c7d7915566e@bluepopcorn.net> <06F0AE14-4413-4022-A804-C1B58E2702CE@fugue.com> <52BAC141-CB25-4072-B556-6325912F1ADD@gmail.com> <40A8E8F0-ACF7-40DA-BE78-58483751FBB4@fugue.com> <426B77F6-89AF-4D53-9324-B7D89392B723@gmail.com>
In-Reply-To: <426B77F6-89AF-4D53-9324-B7D89392B723@gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Sat, 03 Aug 2019 15:14:33 -0700
Message-ID: <CACsn0cnNjEz3azkSE4R9C-k5oG8RBOSKYoBPQ1cCmxKOX0pEHw@mail.gmail.com>
To: Bret Jordan <jordan.ietf@gmail.com>
Cc: Ted Lemon <mellon@fugue.com>, Jim Fenton <fenton@bluepopcorn.net>, model-t@iab.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/CR9e8mT6G0sB_Kl2KO822XDilk4>
Subject: Re: [Model-t] model-t@iab.org list description
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Aug 2019 22:14:50 -0000
Could you point to an issue with IETF work where this "cyber" language is useful and would have lead to insights that would have avoided the issue? That might help illuminate why it is actually productive. On Sat, Aug 3, 2019 at 2:58 PM Bret Jordan <jordan.ietf@gmail.com> wrote: > > I fully agree that there will need to be some foundational documents written to help the IETF as a whole come up to speed. > > We are basically in the same boat with cyber in the IETF as we are with crypto. If you do not know what key material, or a Nonce, or how asymmetric differs from symmetric algorithms, or how the discrete logarithm problem compares to prime factorization, you will be lost. So the crypto side of the IETF uses a lot of jargon, as well. But it is domain specific vernacular. This cyber side also has a lost of very well known and understood terms. I am sure ENISA, NIST, and even the ITU have great resources. ISC^2 and SANS also have a lot of material about this space. > > What we are trying to do now is help the IETF realize that it is more than just communication security and information security. The market just happens to call this bigger umbrella "cyber security". But I know many here do not like that term, even if the industry does use it. Trying to break the problem down to just one of the sub parts is where we fall over and where we get in trouble. > > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." > > On Aug 3, 2019, at 12:37 PM, Ted Lemon <mellon@fugue.com> wrote: > > Bret, I appreciate that this is a special area of technical expertise and that it has a domain-specific vocabulary. That is what the word “jargon” means. > > The reason I raised this concern is not that I can’t go out and learn this jargon. It’s that if the goal of this effort is to help the IETF to do a better job of reasoning about threats, the IETF has to be able to understand the output. > > There is already great work going on in this space amongst the experts. If this is to just be another such effort, I don’t think it will accomplish your stated goals. So I’m being deliberately pedantic here because I would like to see the output of this effort actually change how the IETF reasons about threats. That’s going to require some foundational documents. The fact that you didn’t point me at an RFC or draft to answer my question tells me that I’m not wrong to be concerned. > > Sent from my iPhone > > On Aug 3, 2019, at 1:39 PM, Bret Jordan <jordan.ietf@gmail.com> wrote: > > Ted, > > This is not jargon, this is the language that is used in this space. If we are going to write a document or come up with text to help improve a document that deals with this domain, then we should probably know and understand the domain. Attacks against network connected devices (endpoints, network equipment, IoT devices, etc) are all in scope. So when we work on designing solutions for interconnected systems, we need to understand this space. Designing technologies without taking this space into consideration is very problematic. > > We have many in this group that work in this space and have very detailed knowledge of it. If you have specific questions, I am sure many of us would be willing to help fill in the gaps. > > IMO, the key to our work is to help improve the IETF’s understanding of risks, threat actor TTPs, attack surface, etc. This space has evolved a lot recently, and has definitely changed since 3552 was first written. Further, given the upcoming market shift to 5G enabled devices and its changing attack surface, this work is prudent at this time. Gone are the days of “Escargot Model” (a term I started using back in the late 80s / early 90s) of security. > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." > > On Aug 3, 2019, at 11:12 AM, Ted Lemon <mellon@fugue.com> wrote: > > Yes. It would also be good to avoid domain-specific jargon. Presumably the goal here is to provide something of value to the whole community, not something that only people who are familiar with a very specific vernacular can use. > > Of course, I might be mistaken about the intended scope of this work, so if this sounds wrong it would be good to get consensus on that. > > Sent from my iPhone > > On Aug 3, 2019, at 12:52 PM, Jim Fenton <fenton@bluepopcorn.net> wrote: > > On 8/2/19 9:24 PM, Bret Jordan wrote: > > To borrow your words… “If we are going to take security seriously”… > we need to understand and document the full attack surface. So let > us start listing them out. Here are four. > > > Attack: Active remote attack > Exposure: Full compromise of system and data > Client Knowledge: Potential indicators may be visible > Protection Possibilities: Deploy both client and network level protections > Headwinds: Client based protections are usually inadequate > Severity: High > Kill-Chain Phase: Lateral Movement > > > [etc.] > > Perhaps we need to decide what we consider a threat model to be. I see > Bret's list as a collection of specific attacks (tactics), while I > consider a threat model to be at a higher level than that, e.g., whether > nation-states, or supply chain threats, should be part of that model. > > When I was working on the draft that became RFC 4686 (DKIM Threat > Analysis), Russ Housley gave me some very good coaching about how to > structure that. He suggested that it should describe: > > - The nature and location of the bad actors > - What the bad actors' capabilities are > - What they intend to accomplish via their attacks > > How do we want to define threat model? > > -Jim > > > > -- > Model-t mailing list > Model-t@iab.org > https://www.iab.org/mailman/listinfo/model-t > > > > -- > Model-t mailing list > Model-t@iab.org > https://www.iab.org/mailman/listinfo/model-t -- "Man is born free, but everywhere he is in chains". --Rousseau.
- [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Michael Richardson
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Joseph Lorenzo Hall
- Re: [Model-t] model-t@iab.org list description Michael Richardson
- Re: [Model-t] model-t@iab.org list description Martin Thomson
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Eric Rescorla
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Jim Fenton
- Re: [Model-t] model-t@iab.org list description Ted Lemon
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Stephen Farrell
- Re: [Model-t] model-t@iab.org list description Christian Huitema
- Re: [Model-t] model-t@iab.org list description Watson Ladd
- Re: [Model-t] model-t@iab.org list description Carsten Bormann
- Re: [Model-t] model-t@iab.org list description Ted Lemon
- [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] model-t@iab.org list description Bret Jordan
- Re: [Model-t] model-t@iab.org list description Watson Ladd
- Re: [Model-t] What are we trying to protect Eric Rescorla
- Re: [Model-t] What are we trying to protect Dominique Lazanski
- Re: [Model-t] What are we trying to protect Eric Rescorla
- Re: [Model-t] What are we trying to protect Dominique Lazanski
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Eric Rescorla
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Watson Ladd
- Re: [Model-t] What are we trying to protect Ted Lemon
- Re: [Model-t] What are we trying to protect Dominique Lazanski
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Ted Lemon
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Stephen Farrell
- Re: [Model-t] What are we trying to protect Christian Huitema
- Re: [Model-t] What are we trying to protect Ted Lemon
- [Model-t] Primer Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Christian Huitema
- Re: [Model-t] Primer Bret Jordan
- Re: [Model-t] What are we trying to protect Bret Jordan
- Re: [Model-t] What are we trying to protect Watson Ladd
- Re: [Model-t] What are we trying to protect Thomas Hardjono
- Re: [Model-t] What are we trying to protect Ira McDonald
- Re: [Model-t] What are we trying to protect Thomas Hardjono
- Re: [Model-t] What are we trying to protect Watson Ladd
- Re: [Model-t] What are we trying to protect Thomas Hardjono