Re: [perpass] "Its an attack" BCP draft
"Fred Baker (fred)" <fred@cisco.com> Wed, 20 November 2013 23:31 UTC
Return-Path: <fred@cisco.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B100B1AE161 for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 15:31:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -115.026
X-Spam-Level:
X-Spam-Status: No, score=-115.026 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.525, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vwIV0nkVuk4E for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 15:31:29 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) by ietfa.amsl.com (Postfix) with ESMTP id 377931AE0E9 for <perpass@ietf.org>; Wed, 20 Nov 2013 15:31:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3330; q=dns/txt; s=iport; t=1384990283; x=1386199883; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=2stmT4Kg8S84zy/La8FP0JKgOl0cnfyF0maey7AQSj0=; b=c5wDP5qDKEYuljDxvcZB0C14TLTHq+s3rS9DGqDfIMh+NuluaDQOiJ2r 6VFzjwEzp1I9x7Z/Ftvmo5qiTPgH3t6Z8UWdMMAEM+ompPBUUX3skPSKe MFLfa+3wlwqok1ECTCV6cCDx9AYk5p8nemhuDfvbqMbwZvaohqgotnT5j E=;
X-Files: signature.asc : 195
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AiYFAMhFjVKtJXG//2dsb2JhbABZgwc4U71pgRsWdIImAQEEeRACAQhGMiUCBA4Th3MNwFIXj2sHgyCBEgOQMIExhjGSDYMogio
X-IronPort-AV: E=Sophos; i="4.93,739,1378857600"; d="asc'?scan'208"; a="286493271"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by rcdn-iport-6.cisco.com with ESMTP; 20 Nov 2013 23:31:22 +0000
Received: from xhc-aln-x14.cisco.com (xhc-aln-x14.cisco.com [173.36.12.88]) by rcdn-core2-4.cisco.com (8.14.5/8.14.5) with ESMTP id rAKNVMFh009945 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 20 Nov 2013 23:31:22 GMT
Received: from xmb-rcd-x09.cisco.com ([169.254.9.136]) by xhc-aln-x14.cisco.com ([173.36.12.88]) with mapi id 14.03.0123.003; Wed, 20 Nov 2013 17:31:21 -0600
From: "Fred Baker (fred)" <fred@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [perpass] "Its an attack" BCP draft
Thread-Index: AQHO5j5Bphed+FewiEyOvLfP47uGBpovKVQA
Date: Wed, 20 Nov 2013 23:31:21 +0000
Message-ID: <D643E77C-7978-4167-8482-CA1FE560817A@cisco.com>
References: <528D34D7.1010303@cs.tcd.ie>
In-Reply-To: <528D34D7.1010303@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.19.64.121]
Content-Type: multipart/signed; boundary="Apple-Mail=_9700F404-9A7A-4325-A3C3-408F3C848BCE"; protocol="application/pgp-signature"; micalg="pgp-sha1"
MIME-Version: 1.0
Cc: perpass <perpass@ietf.org>
Subject: Re: [perpass] "Its an attack" BCP draft
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 23:31:31 -0000
I just read your ID. I think the sense of the ID is pretty much correct. You half-define two words, "attack" and "mitigate", in saying something about what they are not (an attack, you say, has a "bad-actor", but implies nothing about the motivations of the attacker, and a "mitigation" doesn't make the attack go away, it merely makes it more expensive). I think you would do well to actually define the terms. BTW, I think "bad actor" is a bad choice of words if you want to remove value judgements and motivations from the discussion. I'd suggest a more neutral term. My definitions probably need work, but I think I'm looking for something like: Glossary: "Attack": In common English usage, an "attack" is an aggressive action perpetrated by an opponent, intended to enforce the opponent's will on the attacked party. In the Internet, the term is used to refer to a behavior that subverts the intent of a communicator without the knowledge of the parties to the communication. It may be active or passive. It may change the content of the communication, record the content of the communication, or through correlation with other communication events or attempts, reveal information the communicator did not intend to be revealed. It may also prevent communication or delay a time-sensitive communication more than its sensitivity permits. It may also have other effects that similarly subvert the intent of a communicator. "Mitigation": As in common english usage, the term is used in the Internet in the sense of "make less severe, serious, or painful." (http://www.oxforddictionaries.com/us/definition/american_english/mitigate). Colloquially, the term is also used in the sense of making something of no effect, but this usage is not implied in the Internet context. If a person is cold, common english usage would consider the act of putting on a coat or the act of entering a warm building as mitigations. While the latter (making the matter of no effect) is desirable, for many purposes the former is cost-effective and sufficient for the purpose. You might also walk through the document looking for run-on sentences and verbal lists. Search for the word "and", and ask yourself in each usage whether it could be usefully replaced with a period followed by the start of a new sentence. Search also for the word "or"; a list is "A, B, or C", not "A or B or C". In general, try to use simple sentences in active voice ("A does B to C"), as opposed to more complex sentences or passive voice ("B is done to C by A").
- Re: [perpass] "Its an attack" BCP draft Ralf Skyper Kaiser
- [perpass] "Its an attack" BCP draft Stephen Farrell
- Re: [perpass] "Its an attack" BCP draft Brian E Carpenter
- Re: [perpass] "Its an attack" BCP draft Stephen Farrell
- Re: [perpass] "Its an attack" BCP draft joel jaeggli
- Re: [perpass] "Its an attack" BCP draft Rob Stradling
- Re: [perpass] "Its an attack" BCP draft Ted Lemon
- Re: [perpass] "Its an attack" BCP draft joel jaeggli
- Re: [perpass] "Its an attack" BCP draft Stephen Farrell
- Re: [perpass] "Its an attack" BCP draft Ted Lemon
- Re: [perpass] "Its an attack" BCP draft Paul Ferguson
- Re: [perpass] "Its an attack" BCP draft Fred Baker (fred)
- Re: [perpass] "Its an attack" BCP draft Fred Baker (fred)
- Re: [perpass] "Its an attack" BCP draft Stephen Farrell
- Re: [perpass] "Its an attack" BCP draft Yoav Nir
- Re: [perpass] "Its an attack" BCP draft Phillip Hallam-Baker
- Re: [perpass] "Its an attack" BCP draft Jon Callas
- Re: [perpass] "Its an attack" BCP draft Robin Wilton
- Re: [perpass] "Its an attack" BCP draft SM
- Re: [perpass] "Its an attack" BCP draft Stephen Kent
- Re: [perpass] "Its an attack" BCP draft Robin Wilton
- Re: [perpass] "Its an attack" BCP draft Warren Kumari
- Re: [perpass] "Its an attack" BCP draft Dean Willis
- Re: [perpass] "Its an attack" BCP draft Jari Arkko