[proxies] New Version Notification for draft-hoeper-proxythreat-02
"Hoeper Katrin-QWKN37" <khoeper@motorola.com> Mon, 09 March 2009 14:50 UTC
Return-Path: <khoeper@motorola.com>
X-Original-To: proxies@core3.amsl.com
Delivered-To: proxies@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C45DD3A6CB8 for <proxies@core3.amsl.com>; Mon, 9 Mar 2009 07:50:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mZiMXogsmrAU for <proxies@core3.amsl.com>; Mon, 9 Mar 2009 07:50:00 -0700 (PDT)
Received: from mail55.messagelabs.com (mail55.messagelabs.com [216.82.241.163]) by core3.amsl.com (Postfix) with ESMTP id B9DFA3A6CD7 for <proxies@ietf.org>; Mon, 9 Mar 2009 07:49:18 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: khoeper@motorola.com
X-Msg-Ref: server-4.tower-55.messagelabs.com!1236610191!85326286!1
X-StarScan-Version: 6.0.0; banners=-,-,-
X-Originating-IP: [129.188.136.8]
Received: (qmail 32539 invoked from network); 9 Mar 2009 14:49:51 -0000
Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-4.tower-55.messagelabs.com with AES256-SHA encrypted SMTP; 9 Mar 2009 14:49:51 -0000
Received: from il06exr02.mot.com (il06exr02.mot.com [129.188.137.132]) by motgate8.mot.com (8.14.3/8.14.3) with ESMTP id n29EnpNf009149 for <proxies@ietf.org>; Mon, 9 Mar 2009 07:49:51 -0700 (MST)
Received: from il06vts02.mot.com (il06vts02.mot.com [129.188.137.142]) by il06exr02.mot.com (8.13.1/Vontu) with SMTP id n29EnpL3013183 for <proxies@ietf.org>; Mon, 9 Mar 2009 09:49:51 -0500 (CDT)
Received: from de01exm66.ds.mot.com (de01exm66.am.mot.com [10.176.8.17]) by il06exr02.mot.com (8.13.1/8.13.0) with ESMTP id n29Eno7S013176 for <proxies@ietf.org>; Mon, 9 Mar 2009 09:49:50 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Mon, 09 Mar 2009 10:49:46 -0400
Message-ID: <B4BD493F5C741B48A19DE1DF52C28BEF04EE85E3@de01exm66.ds.mot.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: New Version Notification for draft-hoeper-proxythreat-02
Thread-Index: AcmgxFc9JC6nRmV3Ri+qahfTgEbMrgAACF0g
From: Hoeper Katrin-QWKN37 <khoeper@motorola.com>
To: proxies@ietf.org
X-CFilter-Loop: Reflected
Subject: [proxies] New Version Notification for draft-hoeper-proxythreat-02
X-BeenThere: proxies@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion list for ad hoc group interested in security and proxies <proxies.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/proxies>, <mailto:proxies-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/proxies>
List-Post: <mailto:proxies@ietf.org>
List-Help: <mailto:proxies-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/proxies>, <mailto:proxies-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2009 14:50:00 -0000
Hi everybody, A new version of the proxy draft has been posted and is available at http://www.ietf.org/internet-drafts/draft-hoeper-proxythreat-02.txt. The new version attempts to address most comments that have been previously posted to this list and some of the discussions at IETF 73. One major difference is that the new draft describes current practices that mitigate some of the identified threats by proxies. I won't be able to continue as an editor and Stefan Winter agreed to act as the new editor of the draft. Stefan will also replace me as the moderator of the proxy email list. Thank you Stefan! Please read the new draft and provide your comments or even better provide some text to Stefan and become a co-author. Much work remains to be done and volunteers are needed, especially if the draft should be formed into a "best practices" document. Best regards, Katrin -----Original Message----- From: IETF I-D Submission Tool [mailto:idsubmission@ietf.org] Sent: Monday, March 09, 2009 9:35 AM To: Hoeper Katrin-QWKN37 Cc: stefan.winter@restena.lu Subject: New Version Notification for draft-hoeper-proxythreat-02 A new version of I-D, draft-hoeper-proxythreat-02.txt has been successfuly submitted by Katrin Hoeper and posted to the IETF repository. Filename: draft-hoeper-proxythreat Revision: 02 Title: Threat Model for Networks Employing AAA Proxies Creation_date: 2009-03-09 WG ID: Independent Submission Number_of_pages: 23 Abstract: This memo defines a threat model for access networks with AAA proxies. Use cases of current and future applications in which AAA proxies are employed are described and it is discussed how proxies could launch attacks in the defined use cases. The risk associated with these attacks in each use case is analyzed. In addition, mitigation techniques used in current AAA deployments are discussed and best practices for mitigating the identified attacks are identified. As a result, this draft can serve as a guideline for risk assessments and problem mitigation by providers, implementers and protocol designers of systems with proxies. The IETF Secretariat.
- [proxies] New Version Notification for draft-hoep… Hoeper Katrin-QWKN37
- Re: [proxies] New Version Notification for draft-… Stefan Winter
- Re: [proxies] New Version Notification for draft-… Klaas Wierenga