IETF Logo Mail Archive

Re: [Model-t] What are we trying to protect

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 04 August 2019 23:00 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2697C120111 for <model-t@ietfa.amsl.com>; Sun, 4 Aug 2019 16:00:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J5aNUawnlr6o for <model-t@ietfa.amsl.com>; Sun, 4 Aug 2019 16:00:11 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1989120115 for <model-t@iab.org>; Sun, 4 Aug 2019 16:00:10 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id EBF42BE2C; Mon, 5 Aug 2019 00:00:07 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V1HXGCb1Tp47; Mon, 5 Aug 2019 00:00:06 +0100 (IST)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 0455DBE2F; Mon, 5 Aug 2019 00:00:06 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1564959606; bh=G+thSaROHWhOBJE0icTJO87he3OcN5Cd6asBf3m5KIc=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=W6LEWGn/fjEytJkhJjgRyeOI1egMyzTjKlwmfMbL3ixsrKz18Ut3XT/8PEVXtup50 h0r9IGnJAgwhleU8HQAqNIuAKWISkjsN1dTL7AY92u8bZF91knYNDO2gjntwdxUrlP FSTnWlONVrT3fsGruV5SOVxTJDvJhApqlQvH5788=
To: Bret Jordan <jordan.ietf@gmail.com>
Cc: Eric Rescorla <ekr@rtfm.com>, Dominique Lazanski <dml@lastpresslabel.com>, Watson Ladd <watsonbladd@gmail.com>, Ted Lemon <mellon@fugue.com>, model-t@iab.org, Christian Huitema <huitema@huitema.net>
References: <c3a112ba-baab-1cb0-97ad-21ff9999a637@cs.tcd.ie> <5879878A-7CEA-4030-BB72-108CC4122719@gmail.com> <d253231a-d35d-e7c9-e3ae-5c7d7915566e@bluepopcorn.net> <06F0AE14-4413-4022-A804-C1B58E2702CE@fugue.com> <52BAC141-CB25-4072-B556-6325912F1ADD@gmail.com> <9a1555ca-6699-75f1-683e-2a3a2a539a11@cs.tcd.ie> <fbb6866d-87af-abea-42b4-8bb45959ea6a@huitema.net> <A8ABBBFF-9967-4F3B-974F-2DC5953D5DD9@gmail.com> <CABcZeBOKnaa7t3Nc=uq4sB2OQ+uKp=+_LHqX3bBBmpy3RY3dCA@mail.gmail.com> <86157132-D401-4033-A72B-AD4859DB6696@lastpresslabel.com> <CABcZeBPBy+6W-Yg4vMF1aCyNkE7XAJ81HaM75hKa--gRnpUVbg@mail.gmail.com> <5281A343-35C0-4F4D-949D-02C46FA07801@lastpresslabel.com> <86639B71-F616-48CC-96AB-719F7168F087@gmail.com> <CACsn0cktsrVnzVByV9NzcE4jDpMdJ1UBPzut5PTzVSesMXXaNg@mail.gmail.com> <ADF23214-F1A8-4996-A56D-3DB037D81EA9@fugue.com> <F3098ECC-3B02-4242-90C8-15EC8D8F0CBF@gmail.com> <1c506954-47ba-dc40-f6e5-c19bd17624c2@cs.tcd.ie> <73B68598-2F9B-44B7-8FA9-D8EE61C88AAD@gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <17d230a0-49ce-079e-a081-f00e66f2f512@cs.tcd.ie>
Date: Mon, 05 Aug 2019 00:00:05 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <73B68598-2F9B-44B7-8FA9-D8EE61C88AAD@gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="hX723OqClX7HqeeLkQ4Pv3revZZGs7wLg"
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/gsrhDI1U_aFRVyIcXQ0aoZ4SZF8>
Subject: Re: [Model-t] What are we trying to protect
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Aug 2019 23:00:13 -0000

Hiya,

On 04/08/2019 23:38, Bret Jordan wrote:
> A few comments inline… Sorry, I try not to do that.

Why not? It's fine. (And easier to follow in mail I believe.)

>>> the larger risk, and larger attack surface.  When we design 
>>> protocols and only consider a small handful of threats, then we 
>>> inevitably hurt the market.
>> 
>> IMO we ought not only think in terms of "the market" - I'd hope
>> rather that everyone sometimes thinks of more than commerce as the
>> Internet impacts on people in other ways that are relevant in this
>> discussion.
> 
> Sorry bad word choice.  =~s/market/industry/g;  When I refer to “the
> market” I am not talking about the vendor space, commercial space, or
> the sell stuff over the web space.  I am simply referring to the way
> end users, organizations, enterprises, and governments need to use
> the connectedness of computers and IP address ranges to do what ever
> it is they are doing. So I should have said “industry” or if you have
> a better term, let me know.

I suspect this is one where we're better to recognise that
nobody's fav term is correct;-) It's entirely legit to consider
how security/privacy analyses affect the market, and how they
affect society, and how they affect specific communities, and how
they affect the set of people who use or care about the Internet.
Those are all valid, as would be other sets of interested parties,
and I suspect we'd never reach consensus as to the relative
importance of each. I think if we each accept that other folks
rate those differently for reasons that are possibly as valid as
our own, that might be good enough.

>>> The more of these things we can document and the more we can
>>> bring them to light, the better everything will be in the end.
>> Yes, but it's important to document things in a way that can lead
>> up to then winnowing things down to something that ends up useful
>> to that population of IETFers who are not security or privacy
>> specialists.
> 
> Once again, I fully agree.  But we need to start somewhere.  The
> Stanford D-School has a great set of classes on how to effectively
> brainstorm.  And I think that is what we are trying to do now.  We
> are trying to get the discussion going and get everything out there,
> so we can start to better understand how big the elephant is that we
> need to work on

The elephant metaphor isn't my favourite. Even if we're each
scrambling around in the dark, there might not be exactly one
elephant. In this case, I think there definitely is more than
one. For example, we have the enterprise n/w vs big-I security
differences, and we also have the commercial/govt surveillance
vs. human rights/freedom differences. It may be my lack of
imagination but I can't see how those are part of one elephant.
(And I think that's true regardless of one's opinions as to any
of the locally-perceived potential elephant parts:-)

Cheers,
S.


> 
> Bret
> 
> 
>> 
>> Cheers, S. <0x5AB2FAF17B172BEA.asc>
> 
> 
>

v2.23.0 | Report a Bug | By Email