Re: [Model-t] Minimization
russ@riw.us Wed, 16 March 2022 15:03 UTC
Return-Path: <russ@riw.us>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D43A3A18EF for <model-t@ietfa.amsl.com>; Wed, 16 Mar 2022 08:03:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fPnkG8tTSEme for <model-t@ietfa.amsl.com>; Wed, 16 Mar 2022 08:03:45 -0700 (PDT)
Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 628773A18EE for <model-t@iab.org>; Wed, 16 Mar 2022 08:03:45 -0700 (PDT)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 8C3583200933; Wed, 16 Mar 2022 11:03:44 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Wed, 16 Mar 2022 11:03:44 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=zvrjDNYg4GAT/EKdbGSs7zCLQvqfvG3smkX+teeiO jY=; b=TFEjJTVuhgeQbC2Jck5rEx3ZnIdQY6pt+mCojAUPLsFJc/j6KeKqB6blz fM2fkvLRMXIfEQrt6s4EHJ+CUsAoMO2jYXVSXiR0swrXURIl9qPfLriUv90uw1Z3 PXFZ09TTB2+QAT42gGawgGAT5+Men1RlT/frpR+vQWdna5LAwW6Bxx0AyI5paAPw Kr0eNtNQC4E+GEImzc5DioEl0cWMtOckDCdgybEhFIYtF6shw+cBYEBlxoXGOfqE qQl1mikOEBbbS9JgMislXKrORtTtBFxcfWepNNS4x3hMC2ikalcPRqqfkDfAf/8Q 016VSzxn+gW1trVbFlMdS7KvwkSaA==
X-ME-Sender: <xms:T_wxYtbMcd3b2pdm7C71P-DD-uqeRci1GGq5y3FKPuunYa4oAKXqrA> <xme:T_wxYkaXujhRyWqAjWewoLCt0zObN9PRyJMLasV7c8wp-w1qgmJ5B2jBC9_HKgShV GghQC4wbLCs2dwmpA>
X-ME-Received: <xmr:T_wxYv-kQ-uny798Elh916eTu4p5utXpdhWRffCxtEXu3JL1-rYcdv0gzOE>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrudefvddgieelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvfhgjufffkfggtgfgofhtsehtqhhgtddvtdejnecuhfhrohhmpeeorhhu shhssehrihifrdhusheqnecuggftrfgrthhtvghrnhepteeftdetkeffvdeuhfdtudfgvd etfffggfduhfdvhfeutefguedufeekuddvledvnecuvehluhhsthgvrhfuihiivgeptden ucfrrghrrghmpehmrghilhhfrhhomheprhhushhssehrihifrdhush
X-ME-Proxy: <xmx:T_wxYrrGAXQDQJ73Nm0VNGdRlbszW63DmzmcT1EWEhEOfO7KYe9BiQ> <xmx:T_wxYop9CLmmJAuxPW0QwaN_1_aMotaF7PcNGACO9ZPdzAlIUxzycw> <xmx:T_wxYhQMhlEoHVLTTqieEXZSTkloWldGi6dTSWj9HmYi-kRxIIndHA> <xmx:UPwxYvTCWrle5qlYDXWL-tq2J69BnjYLbvIYhAH3vFu-GM8eok6usQ>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 16 Mar 2022 11:03:42 -0400 (EDT)
From: russ@riw.us
To: 'Jari Arkko' <jari.arkko@piuha.net>, 'Martin Thomson' <mt@lowentropy.net>
Cc: model-t@iab.org
References: <2af931d1-2763-46d3-a616-7ac79ae3b082@www.fastmail.com> <3A5051E5-ACFC-4547-973F-E250B17AC58B@piuha.net>
In-Reply-To: <3A5051E5-ACFC-4547-973F-E250B17AC58B@piuha.net>
Date: Wed, 16 Mar 2022 11:03:42 -0400
Message-ID: <023601d83947$076991d0$163cb570$@riw.us>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQIDixLijjaAnSdgLZnOsf7ZF7m8bQIeOMwbrFqAX8A=
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/CcPZ25A9BmqVcd-JWftlnYhexEo>
Subject: Re: [Model-t] Minimization
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2022 15:03:52 -0000
> Just wanted to send an update that there’s a new version of the > minimization draft, inspired largely by your comments Martin. I like the > direction of making smaller number of statements and shorter overall > text, and focusing of course on established principles. Comments > appreciated. A few possible interesting points to include ... I can provide text suggestions if it's useful. -- Reducing the amount of information shared between devices/subsystems within a larger system not only increases security, it also protects privacy. -- Reducing the amount of information shared (the depth of the interaction surface) can help to reduce coupling between subsystems, hence increasing system resilience while also increasing security. -- Reducing the amount of information shared also reduces the attack surface by reducing the amount of control an attacker might gain over any given subsystem through a given interface. -- Reducing the number of places (physical or logical) in the system where information is shared (the breadth of the interaction surface) can help reduce the attack surface in meaningful ways. -- For both privacy and security, care should be taken to _destroy_ information in a timely manner ... protocols should be designed, where possible (it's not always possible), to not rely on information being present "forever." -- Not only should the minimal amount of information be shared, the most abstract, or least specific, information should be shared to "get the job done." I don't know if all of these are useful or not, just throwing them out there for discussion. 😊 /r
- [Model-t] Minimization Martin Thomson
- Re: [Model-t] Minimization Jari Arkko
- Re: [Model-t] Minimization Jari Arkko
- Re: [Model-t] Minimization russ
- Re: [Model-t] Minimization Martin Thomson
- Re: [Model-t] Minimization Mirja Kuehlewind
- Re: [Model-t] Minimization Christian Huitema