[proxies] New Version Notification for draft-hoeper-proxythreat-02

"Hoeper Katrin-QWKN37" <khoeper@motorola.com> Mon, 09 March 2009 14:50 UTC

Return-Path: <khoeper@motorola.com>
X-Original-To: proxies@core3.amsl.com
Delivered-To: proxies@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C45DD3A6CB8 for <proxies@core3.amsl.com>; Mon, 9 Mar 2009 07:50:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mZiMXogsmrAU for <proxies@core3.amsl.com>; Mon, 9 Mar 2009 07:50:00 -0700 (PDT)
Received: from mail55.messagelabs.com (mail55.messagelabs.com [216.82.241.163]) by core3.amsl.com (Postfix) with ESMTP id B9DFA3A6CD7 for <proxies@ietf.org>; Mon, 9 Mar 2009 07:49:18 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: khoeper@motorola.com
X-Msg-Ref: server-4.tower-55.messagelabs.com!1236610191!85326286!1
X-StarScan-Version: 6.0.0; banners=-,-,-
X-Originating-IP: [129.188.136.8]
Received: (qmail 32539 invoked from network); 9 Mar 2009 14:49:51 -0000
Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-4.tower-55.messagelabs.com with AES256-SHA encrypted SMTP; 9 Mar 2009 14:49:51 -0000
Received: from il06exr02.mot.com (il06exr02.mot.com [129.188.137.132]) by motgate8.mot.com (8.14.3/8.14.3) with ESMTP id n29EnpNf009149 for <proxies@ietf.org>; Mon, 9 Mar 2009 07:49:51 -0700 (MST)
Received: from il06vts02.mot.com (il06vts02.mot.com [129.188.137.142]) by il06exr02.mot.com (8.13.1/Vontu) with SMTP id n29EnpL3013183 for <proxies@ietf.org>; Mon, 9 Mar 2009 09:49:51 -0500 (CDT)
Received: from de01exm66.ds.mot.com (de01exm66.am.mot.com [10.176.8.17]) by il06exr02.mot.com (8.13.1/8.13.0) with ESMTP id n29Eno7S013176 for <proxies@ietf.org>; Mon, 9 Mar 2009 09:49:50 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 9 Mar 2009 10:49:46 -0400
Message-ID: <B4BD493F5C741B48A19DE1DF52C28BEF04EE85E3@de01exm66.ds.mot.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: New Version Notification for draft-hoeper-proxythreat-02
Thread-Index: AcmgxFc9JC6nRmV3Ri+qahfTgEbMrgAACF0g
From: "Hoeper Katrin-QWKN37" <khoeper@motorola.com>
To: <proxies@ietf.org>
X-CFilter-Loop: Reflected
Subject: [proxies] New Version Notification for draft-hoeper-proxythreat-02
X-BeenThere: proxies@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion list for ad hoc group interested in security and proxies <proxies.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/proxies>, <mailto:proxies-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/proxies>
List-Post: <mailto:proxies@ietf.org>
List-Help: <mailto:proxies-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/proxies>, <mailto:proxies-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2009 14:50:00 -0000

Hi everybody,

A new version of the proxy draft has been posted and is available at
http://www.ietf.org/internet-drafts/draft-hoeper-proxythreat-02.txt.

The new version attempts to address most comments that have been
previously posted to this list and some of the discussions at IETF 73.
One major difference is that the new draft describes current practices
that mitigate some of the identified threats by proxies.

I won't be able to continue as an editor and Stefan Winter agreed to act
as the new editor of the draft. Stefan will also replace me as the
moderator of the proxy email list. Thank you Stefan!

Please read the new draft and provide your comments or even better
provide some text to Stefan and become a co-author. Much work remains to
be done and volunteers are needed, especially if the draft should be
formed into a "best practices" document.

Best regards,
Katrin


-----Original Message-----
From: IETF I-D Submission Tool [mailto:idsubmission@ietf.org] 
Sent: Monday, March 09, 2009 9:35 AM
To: Hoeper Katrin-QWKN37
Cc: stefan.winter@restena.lu
Subject: New Version Notification for draft-hoeper-proxythreat-02 


A new version of I-D, draft-hoeper-proxythreat-02.txt has been
successfuly submitted by Katrin Hoeper and posted to the IETF
repository.

Filename:	 draft-hoeper-proxythreat
Revision:	 02
Title:		 Threat Model for Networks Employing AAA Proxies
Creation_date:	 2009-03-09
WG ID:		 Independent Submission
Number_of_pages: 23

Abstract:
This memo defines a threat model for access networks with AAA
proxies.  Use cases of current and future applications in which AAA
proxies are employed are described and it is discussed how proxies
could launch attacks in the defined use cases.  The risk associated
with these attacks in each use case is analyzed.  In addition,
mitigation techniques used in current AAA deployments are discussed
and best practices for mitigating the identified attacks are
identified.  As a result, this draft can serve as a guideline for
risk assessments and problem mitigation by providers, implementers
and protocol designers of systems with proxies.
 



The IETF Secretariat.