IETF Logo Mail Archive

Re: [Model-t] w3c also thinking about threat models

Dominique Lazanski <dml@lastpresslabel.com> Fri, 20 September 2019 17:12 UTC

Return-Path: <dml@lastpresslabel.com>
X-Original-To: model-t@ietfa.amsl.com
Delivered-To: model-t@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96E111200B8 for <model-t@ietfa.amsl.com>; Fri, 20 Sep 2019 10:12:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lastpresslabel-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ErgAXRR6gRNT for <model-t@ietfa.amsl.com>; Fri, 20 Sep 2019 10:12:09 -0700 (PDT)
Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5CE331201E5 for <model-t@iab.org>; Fri, 20 Sep 2019 10:12:09 -0700 (PDT)
Received: by mail-wm1-x32b.google.com with SMTP id 3so2970793wmi.3 for <model-t@iab.org>; Fri, 20 Sep 2019 10:12:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lastpresslabel-com.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kQHaA4dsjdPzYNe/ar3C6FZPdYbs0L+ogwf2IBu0om0=; b=YdvfHP6QlxQ/rm8ZuNTvz5E2vyP68MtxGTZv4ATtsfLkk1HmXp5WaRGADoLz0rOKJS oEhOuqr35Gb2JiyVre3isDKGDuIXwtrSm3kk0/lAM27SInQMvfFWefH7hZZKfwvfFcs4 XpCm5zZSVKMY5ludJJkw5jl4/OX8pzT6Q5mf4CUDm9e+qyVuKpK/vyfRZtOTAPGylb3w c5wMzdW/ZNXbO5p3meSVxYScfFpXzylyGfuYRj/Z4rt7gi9uTetEiq5M04/DMgoS6d41 8rSXyeh8VfjUF9P4qR68cvPCPFztumRWyixir5Q8cuKxbG07uqxuGO5mjQ3npxfO23ok uCwA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=kQHaA4dsjdPzYNe/ar3C6FZPdYbs0L+ogwf2IBu0om0=; b=LpMqsRifJGzKUBFWV8zTMBWAJzlfgv+TU1T05PifyKjE831xz80QN9yLhEihQJjQbX PNkktNxZGMdTdDPAGCGVWeP/LmuIM7ZMZdriZzGKaWJ4PqQ5S5DrTPIKOGxwCfGe9xcc jbHidZLFPWMSVkZmGHZpu/B9xLoiC2Y6dkHBKQW74LF2NCPAGiDsmbnLrxx8BaObP//T VErP+S7SPzXsV18n55K7n4TZRIISHioYxVbtnhMMpjemFKDwpch+e7E+1YrkLBArqLcV 1Jp80P2Kgq16XVeSR2zlxrRWkKYGHxRrociMI3grlMKVizME6W+X94IZ2kHt4Blcnxxm 5uJA==
X-Gm-Message-State: APjAAAXWt/Inr/oywMTdO6wBUKGRHQyHXFxf6DNneBn/74aGmsl6iKvu YeOGxP64PljuTNXOnOcd7k9s2jg5B70aI6XB
X-Google-Smtp-Source: APXvYqwEnzIByCb85mjqZwAE3JdClI86MSDMDx0BZb1K7i8e+DWJYlM3DyPSDFEK+cBrAOx4cxEmcQ==
X-Received: by 2002:a7b:c44d:: with SMTP id l13mr4039818wmi.160.1568999527805; Fri, 20 Sep 2019 10:12:07 -0700 (PDT)
Received: from [192.168.1.62] (171.99.26.93.rev.sfr.net. [93.26.99.171]) by smtp.gmail.com with ESMTPSA id s1sm4568845wrg.80.2019.09.20.10.12.05 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 20 Sep 2019 10:12:06 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Dominique Lazanski <dml@lastpresslabel.com>
In-Reply-To: <a327c668-6a17-bb9f-318e-e3cea6c6c1d0@cs.tcd.ie>
Date: Fri, 20 Sep 2019 18:12:14 +0100
Cc: model-t@iab.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <624F4CA6-8D84-4BD8-A74C-E5AE22709F72@lastpresslabel.com>
References: <a327c668-6a17-bb9f-318e-e3cea6c6c1d0@cs.tcd.ie>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/model-t/o5ryeicZVCBD560Yj8R1VuQJUew>
Subject: Re: [Model-t] w3c also thinking about threat models
X-BeenThere: model-t@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions of changes in Internet deployment patterns and their impact on the Internet threat model <model-t.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/model-t>, <mailto:model-t-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/model-t/>
List-Post: <mailto:model-t@iab.org>
List-Help: <mailto:model-t-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/model-t>, <mailto:model-t-request@iab.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 17:12:12 -0000


> On 20 Sep 2019, at 11:26, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Hiya,
> 
> Hope we all had a nice summer break from this
> discussion, but I'd like to try see if we can
> get back at it, so I've added reviewing the
> various drafts folks have posted to my todo
> list - I hope to send some comments/reviews
> in the next week-ish.
> 
> In the meantime, it looks like w3c are also
> thinking about threat models [1] which is
> interesting.
> 
> Cheers,
> S.

Thanks for kick starting this list again especially after the summer!

Interesting W3C work, but I would add that they are only looking at privacy threat models so they have that covered. Perhaps we should look at system security threat models since W3C has kicked off their work specifically on privacy. That way we can be more holistic about the work.

Looking forward to the discussions.

Dominique

v2.23.0 | Report a Bug | By Email