IETF Logo Mail Archive

Re: [RPSEC] comments on draft-beard-rpsec-routing-threats-01.txt

Stephen Kent <kent@bbn.com> Thu, 13 March 2003 22:37 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA22237 for <rpsec-archive@odin.ietf.org>; Thu, 13 Mar 2003 17:37:35 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h2DMqEN06722 for rpsec-archive@odin.ietf.org; Thu, 13 Mar 2003 17:52:14 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2DMqEO06719 for <rpsec-web-archive@optimus.ietf.org>; Thu, 13 Mar 2003 17:52:14 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA22232 for <rpsec-web-archive@ietf.org>; Thu, 13 Mar 2003 17:37:04 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2DMpFO06697; Thu, 13 Mar 2003 17:51:15 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h2DMoWO06667 for <rpsec@optimus.ietf.org>; Thu, 13 Mar 2003 17:50:32 -0500
Received: from aragorn.bbn.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA22202 for <rpsec@ietf.org>; Thu, 13 Mar 2003 17:35:22 -0500 (EST)
Received: from [128.89.88.34] (comsec.bbn.com [128.89.88.34]) by aragorn.bbn.com (8.12.7/8.12.7) with ESMTP id h2DMbX5w012771; Thu, 13 Mar 2003 17:37:33 -0500 (EST)
Mime-Version: 1.0
X-Sender: kent@po2.bbn.com
Message-Id: <p05100302ba96b7b1878f@[128.89.88.34]>
In-Reply-To: <200303112230.h2BMUpm26322@raven.gw.tislabs.com>
References: <200303112230.h2BMUpm26322@raven.gw.tislabs.com>
Date: Thu, 13 Mar 2003 17:34:51 -0500
To: sandy@tislabs.com
From: Stephen Kent <kent@bbn.com>
Subject: Re: [RPSEC] comments on draft-beard-rpsec-routing-threats-01.txt
Cc: rpsec@ietf.org, sandy@tislabs.com
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang)
Sender: rpsec-admin@ietf.org
Errors-To: rpsec-admin@ietf.org
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=subscribe>

At 5:30 PM -0500 3/11/03, sandy@tislabs.com wrote:
>I'm attempting to send some comments on the threats draft.  I've tried
>to organize them so it's not so daunting to read through.
>
>There are 10 (most are real small, don't despair)
>Topic 1: Section 3.1 Threat Sources
>Topic 2: Section 4.5 Underclaiming - is this a legitimate threat?
>Topic 3:  Section 4.4 Spoofing
>Topic 4: Section 4.5 terminology - "Ownership"
>Topic 5:  4.3 Traffic Analysis - really a threat against routing protocol?
>Topic 6: Section 4.1 Deliberate Exposure
>Topic 7: Section 4.8 Byzantine Failures
>Topic 8: Section 4.9 Discarding of Control Packets (aka underclaiming?)
>Topic 9:  Section 4.10 Network Mapping Threat
>Topic 10:  Section 4.7 Overload
>Topic 11: Section 3.2 Threat Actions vs Section 4 "Generally...Threat Actions"
>
>--Sandy

BTW, these are attacks, not threats. (not your fault, Sandy.)  I 
still maintain that we need a threat model, not just a list of 
attacks. As I noted some time ago, this list does not persuade anyone 
that we have performed a top-down analysis of the problem space and 
are in a position to generate requirements as a result.

Steve
_______________________________________________
RPSEC mailing list
RPSEC@ietf.org
https://www1.ietf.org/mailman/listinfo/rpsec

v2.23.0 | Report a Bug | By Email