Re: [Model-t] w3c also thinking about threat models

Bret Jordan <jordan.ietf@gmail.com> Mon, 23 September 2019 14:41 UTC

From: Bret Jordan <jordan.ietf@gmail.com>
Date: Mon, 23 Sep 2019 08:41:35 -0600
In-Reply-To: <27c70832-a631-4622-6119-3a47928c634e@cs.tcd.ie>
Cc: Dominique Lazanski <dml@lastpresslabel.com>, model-t@iab.org
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/Ob8f5oHTTLR_LLCTHGHec6M5ckw>
Subject: Re: [Model-t] w3c also thinking about threat models
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>

> the web has a reasonably worked out security model 


Given how nearly all attacks, campaigns, malware, and intrusion sets use the web or software connecting to the web to either compromise victims, exfiltrate personal or private information from victims, or destroy victims’ information, I think one could easily argue that your statement that there is "a reasonably worked out security model" is false.



Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Sep 20, 2019, at 2:01 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> On 20/09/2019 18:48, Bret Jordan wrote:
>> Yes, privacy is just one facet. 
> 
> Sure, it's clearly true that privacy is not everything
> in the IETF context, nor in w3c either. I guess the
> argument for putting more focus on privacy in w3c might
> be that the web has a reasonably worked out, (even if
> imperfect) security model (the SOP etc), but that the
> web has been pretty awful for privacy. Well, that's an
> argument I'd make, not sure if the people involved in
> the w3c work would:-)
> 
> S.
> 
>> 
>> 
>> Thanks,
>> Bret
>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
>> 
>>> On Sep 20, 2019, at 11:12 AM, Dominique Lazanski <dml@lastpresslabel.com> wrote:
>>> 
>>> 
>>> 
>>>> On 20 Sep 2019, at 11:26, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>>> 
>>>> 
>>>> Hiya,
>>>> 
>>>> Hope we all had a nice summer break from this
>>>> discussion, but I'd like to try see if we can
>>>> get back at it, so I've added reviewing the
>>>> various drafts folks have posted to my todo
>>>> list - I hope to send some comments/reviews
>>>> in the next week-ish.
>>>> 
>>>> In the meantime, it looks like w3c are also
>>>> thinking about threat models [1] which is
>>>> interesting.
>>>> 
>>>> Cheers,
>>>> S.
>>> 
>>> Thanks for kick starting this list again especially after the summer!
>>> 
>>> Interesting W3C work, but I would add that they are only looking at privacy threat models so they have that covered. Perhaps we should look at system security threat models since W3C has kicked off their work specifically on privacy. That way we can be more holistic about the work.
>>> 
>>> Looking forward to the discussions.
>>> 
>>> Dominique
>>> 