Re: [Model-t] w3c also thinking about threat models

There are a lot more problem than an "RCE vulnerability due to memory safety issues". This response, IMO, is part of the problem.  We keep trying to tie things to a single thing.  The attack surface and security model is much much broader. 

Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Sep 23, 2019, at 8:51 AM, Watson Ladd <watsonbladd@gmail.com> wrote:
> 
> 
> 
> On Mon, Sep 23, 2019, 7:41 AM Bret Jordan <jordan.ietf@gmail.com <mailto:jordan.ietf@gmail.com>> wrote:
> > the web has a reasonably worked out security model 
> 
> 
> Given how nearly all attacks, campaigns, malware, and intrusion sets use the web or software connecting to the web to either compromise victims, exfiltrate personal or private information from victims, or destroy victims’ information I think one could easily argue that your statement that there is "a reasonably worked out security model" is false. 
> 
> An RCE vulnerability due to memory safety issues isn't a a result of not thinking about the security model.
> 
> 
> 
> 
> Thanks,
> Bret
> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
> 
>> On Sep 20, 2019, at 2:01 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>> wrote:
>> 
>> On 20/09/2019 18:48, Bret Jordan wrote:
>>> Yes, privacy is just one facet. 
>> 
>> Sure, it's clearly true that privacy is not everything
>> in the IETF context, nor in w3c either. I guess the
>> argument for putting more focus on privacy in w3c might
>> be that the web has a reasonably worked out, (even if
>> imperfect) security model (the SOP etc), but that the
>> web has been pretty awful for privacy. Well, that's an
>> argument I'd make, not sure if the people involved in
>> the w3c work would:-)
>> 
>> S.
>> 
>>> 
>>> 
>>> Thanks,
>>> Bret
>>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
>>> 
>>>> On Sep 20, 2019, at 11:12 AM, Dominique Lazanski <dml@lastpresslabel.com <mailto:dml@lastpresslabel.com>> wrote:
>>>> 
>>>> 
>>>> 
>>>>> On 20 Sep 2019, at 11:26, Stephen Farrell <stephen.farrell@cs.tcd.ie <mailto:stephen.farrell@cs.tcd.ie>> wrote:
>>>>> 
>>>>> 
>>>>> Hiya,
>>>>> 
>>>>> Hope we all had a nice summer break from this
>>>>> discussion, but I'd like to try see if we can
>>>>> get back at it, so I've added reviewing the
>>>>> various drafts folks have posted to my todo
>>>>> list - I hope to send some comments/reviews
>>>>> in the next week-ish.
>>>>> 
>>>>> In the meantime, it looks like w3c are also
>>>>> thinking about threat models [1] which is
>>>>> interesting.
>>>>> 
>>>>> Cheers,
>>>>> S.
>>>> 
>>>> Thanks for kick starting this list again especially after the summer!
>>>> 
>>>> Interesting W3C work, but I would add that they are only looking at privacy threat models so they have that covered. Perhaps we should look at system security threat models since W3C has kicked off their work specifically on privacy. That way we can be more holistic about the work.
>>>> 
>>>> Looking forward to the discussions.
>>>> 
>>>> Dominique
>>>> 
>>>> -- 
>>>> Model-t mailing list
>>>> Model-t@iab.org <mailto:Model-t@iab.org>
>>>> https://www.iab.org/mailman/listinfo/model-t <https://www.iab.org/mailman/listinfo/model-t>
>>> 
>>> 
>>> 
>> <0x5AB2FAF17B172BEA.asc>
> 
> -- 
> Model-t mailing list
> Model-t@iab.org <mailto:Model-t@iab.org>
> https://www.iab.org/mailman/listinfo/model-t <https://www.iab.org/mailman/listinfo/model-t>