Re: [Model-t] What are we trying to protect

Bret Jordan <jordan.ietf@gmail.com> Sun, 04 August 2019 22:38 UTC


A few comments inline… Sorry, I try not to do that. 

Thanks,
Bret
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."

> On Aug 4, 2019, at 3:23 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Partly agreeing, partly quibbling:-)
> 
> On 04/08/2019 17:37, Bret Jordan wrote:
>> We need to ensure everyone here in the IETF understands the bigger
>> problem, 
> 
> It is certain that not every IETF participant will care about
> understanding every detail of every possible threat. They do
> have other things to be doing:-)

I fully agree.  We need to make sure the documentation we come up with is super easy to understand, is easily digestible, but yet covers enough of the problem space, that it is really meaningful. 



> 
>> the larger risk, and larger attack surface.  When we design
>> protocols and only consider a small handful of threats, then we
>> inevitably hurt the market.
> 
> IMO we ought not only think in terms of "the market" - I'd
> hope rather that everyone sometimes thinks of more than commerce
> as the Internet impacts on people in other ways that are
> relevant in this discussion.

Sorry, bad word choice.  =~s/market/industry/g;  When I refer to “the market” I am not talking about the vendor space, commercial space, or the sell stuff over the web space.  I am simply referring to the way end users, organizations, enterprises, and governments need to use the connectedness of computers and IP address ranges to do whatever it is they are doing. So I should have said “industry” or if you have a better term, let me know.



> 
>> The more of these things we can document and the more we can bring
>> them to light, the better everything will be in the end.
> Yes, but it's important to document things in a way that can
> lead up to then winnowing things down to something that ends
> up useful to that population of IETFers who are not security
> or privacy specialists.

Once again, I fully agree.  But we need to start somewhere.  The Stanford D-School has a great set of classes on how to effectively brainstorm.  And I think that is what we are trying to do now.  We are trying to get the discussion going and get everything out there, so we can start to better understand how big the elephant is that we need to work on. 

Bret


> 
> Cheers,
> S.