IETF Logo Mail Archive

Re: [Model-t] w3c also thinking about threat models

Bret Jordan <jordan.ietf@gmail.com> Fri, 20 September 2019 17:48 UTC

Return-Path: <jordan.ietf@gmail.com>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 260A6120940 for <model-t@ietfa.amsl.com>; Fri, 20 Sep 2019 10:48:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cIrdhWftBB_B for <model-t@ietfa.amsl.com>; Fri, 20 Sep 2019 10:48:46 -0700 (PDT)
Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE52A12090C for <model-t@iab.org>; Fri, 20 Sep 2019 10:48:45 -0700 (PDT)
Received: by mail-pl1-x635.google.com with SMTP id t10so3508057plr.8 for <model-t@iab.org>; Fri, 20 Sep 2019 10:48:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=gw7BYQVHNU/kyPs8dJYOrbZv/56wzxjZ/sMczNVDwtY=; b=Q94qoP1ZaCoqSRH6RFCM7kfxUqiM+XBC7KGH8NDuNyKztv4lCswOcs7XYw88pEChU9 YBqEXN1KskWbfIeaNY2ofuOHTHOJ2pfwtl5w7VpZ1TmhFuWN3X/Pg0z1r9Mp+PSkAQf6 yOqjCS3EMNIOlejDHvzhN/jdDERzEo/ON8tzLgSV4Nrh3pxthxrNCcYX0fGf4qI3XsP2 S/YJsFB6Qs/jHSGWSiWnvmxC7iPfRCtleAzyBfq0NNQylIzVpGDorEmwUUKxw02ymIz7 1XRnPiProBXumjoK6y5HmVoin7fCtsow4zYGX9lL8T+Tll7EKyP1NkycYbjI25kvJO4U aOxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=gw7BYQVHNU/kyPs8dJYOrbZv/56wzxjZ/sMczNVDwtY=; b=Tl5eYI3OdtpqbjELF2vH93+15kc1VOefCDgdsGXw0JTBe1aYm59wnxA4VlO4fOsLW8 BODJWr5C1lWhAOvuBLLiO47pvWJr3DO9odLxCJt5stQgu+nDgL8uCfkqpiNBfhavjFQK GeDy/7WnmnIAaGBPZn9Vl7JNBXrj3FCu3B5NPSgGkduTE2X8P3hvbthjaLcjI3JzthiC tcp+Hp0zWF1lJfPakSp7GBZq+H3rJR7SIK0fNbZFbpmbJCehHRMJcVvyreV8IvfjD90F dKcc3AcAZRC/aAyM378ZmsmIYq9/o85R5gC7a8HlhXYCsfQ8zokHyf3ZRIM8IZgvjxtg sDWw==
X-Gm-Message-State: APjAAAXSnwwNg7644es0ctBWe5tMazYrC/qnV1iCgNy4f11IN90hp+1n lUQ4/LnV8VKtge8YZIXNLe8=
X-Google-Smtp-Source: APXvYqyCod0mTo/wd5PVs39R7l5r2Y6pkK4CBAEe9b2a6AMcFVbJQRl1DlVZ4FlWJxPXK08KPVTtDg==
X-Received: by 2002:a17:902:7147:: with SMTP id u7mr18132763plm.260.1569001725500; Fri, 20 Sep 2019 10:48:45 -0700 (PDT)
Received: from [10.128.64.149] ([136.60.227.81]) by smtp.gmail.com with ESMTPSA id c20sm4906928pfd.122.2019.09.20.10.48.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 20 Sep 2019 10:48:44 -0700 (PDT)
From: Bret Jordan <jordan.ietf@gmail.com>
Message-Id: <A30308F8-D2A5-45CF-88D9-D65240972D51@gmail.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_03259D05-A0D8-47B5-B3CF-62143B354F64"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Fri, 20 Sep 2019 11:48:41 -0600
In-Reply-To: <624F4CA6-8D84-4BD8-A74C-E5AE22709F72@lastpresslabel.com>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, model-t@iab.org
To: Dominique Lazanski <dml@lastpresslabel.com>
References: <a327c668-6a17-bb9f-318e-e3cea6c6c1d0@cs.tcd.ie> <624F4CA6-8D84-4BD8-A74C-E5AE22709F72@lastpresslabel.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/UbkHwUdtBvIC3yBuzfHsWn0_fLc>
Subject: Re: [Model-t] w3c also thinking about threat models
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 17:48:53 -0000

Yes, privacy is just one facet. 


Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Sep 20, 2019, at 11:12 AM, Dominique Lazanski <dml@lastpresslabel.com> wrote:
> 
> 
> 
>> On 20 Sep 2019, at 11:26, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>> 
>> 
>> Hiya,
>> 
>> Hope we all had a nice summer break from this
>> discussion, but I'd like to try see if we can
>> get back at it, so I've added reviewing the
>> various drafts folks have posted to my todo
>> list - I hope to send some comments/reviews
>> in the next week-ish.
>> 
>> In the meantime, it looks like w3c are also
>> thinking about threat models [1] which is
>> interesting.
>> 
>> Cheers,
>> S.
> 
> Thanks for kick starting this list again especially after the summer!
> 
> Interesting W3C work, but I would add that they are only looking at privacy threat models so they have that covered. Perhaps we should look at system security threat models since W3C has kicked off their work specifically on privacy. That way we can be more holistic about the work.
> 
> Looking forward to the discussions.
> 
> Dominique
> 
> -- 
> Model-t mailing list
> Model-t@iab.org
> https://www.iab.org/mailman/listinfo/model-t

v2.23.0 | Report a Bug | By Email