Re: [saag] Side meeting on USG efforts to combat botnets, Wednesday at 3:15
Joseph Lorenzo Hall <joe@cdt.org> Wed, 19 July 2017 14:05 UTC
Return-Path: <jhall@cdt.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDC4A126CD8 for <saag@ietfa.amsl.com>; Wed, 19 Jul 2017 07:05:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4PRoM9N2o0dR for <saag@ietfa.amsl.com>; Wed, 19 Jul 2017 07:05:14 -0700 (PDT)
Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8EA06131473 for <saag@ietf.org>; Wed, 19 Jul 2017 07:05:14 -0700 (PDT)
Received: by mail-vk0-x22c.google.com with SMTP id f68so743960vkg.2 for <saag@ietf.org>; Wed, 19 Jul 2017 07:05:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=H5QytZoNIxtbHts/9+G5M13dWnbejGokuSY8p1n1ZAY=; b=DzNbif/cXDD9WqWjAlGbQ/vWUEttyRKaMGSHnOUJvsIldiFDLAB2HRw9GT1zbcOXyj phnd+C4HlCzsJdpeoOxKSuGgHJiTJapaQW2uIkEU3aAIE69wXMXvmgIqP6mZP1wREtHW ZvjDWyWAOYKlhY2QHjXKoez3iNOkGCioXhkW0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=H5QytZoNIxtbHts/9+G5M13dWnbejGokuSY8p1n1ZAY=; b=dtTrn31iuigjVuiD3Tm8TXOIXA3QSs+HsAgcmH/mbsBAxP8/gqe5JYXqemNGlThmsH L/VUzn1uTzMYHK/97ndPlBni4ifiwFZcUMQDaI8LsQtvOA1JBwO4dfUasgsdI2N6+MW8 csUjDbpjtcDaqqotbFhyeEyX1m2oTpe9TCw3QpIAk0OGBusB7ji/SQBOo4ewv6IPIB8F lJVmiozFmqxtELaXPV09YhH4v/gkk5wdig3yCOhzaKAZ2GHEVVrBH0JoZ2WjZ3HRNGe8 +Qq3tJW8qi6WteF865QTxyWwViN+zkBGeCqlZF3oWqsQBcsgg6oV25yaTk/C3r/FH7Wy 4GfQ==
X-Gm-Message-State: AIVw110oiTChf/qpgpjSCrkz+k/1HyKI6hwU7lwHEtzQvXyO/xSo8Uzq RUPGqEpYB07HHeS2JrmD3BZMWfBQ2x4m
X-Received: by 10.31.115.206 with SMTP id o197mr98657vkc.27.1500473113477; Wed, 19 Jul 2017 07:05:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.72.137 with HTTP; Wed, 19 Jul 2017 07:04:52 -0700 (PDT)
In-Reply-To: <DM2PR09MB0778F6B4E4111775B158EBB5E7A10@DM2PR09MB0778.namprd09.prod.outlook.com>
References: <DM2PR09MB0778F6B4E4111775B158EBB5E7A10@DM2PR09MB0778.namprd09.prod.outlook.com>
From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Wed, 19 Jul 2017 16:04:52 +0200
Message-ID: <CABtrr-XiCRA4KL5_eRA49tmFvrG0KXmLF1KaBLZYDGyimFP-1A@mail.gmail.com>
To: "Polk, Tim (Fed)" <william.polk@nist.gov>
Cc: "saag@ietf.org" <saag@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c14990eec919e0554ac1ea4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/3iPyIf-M6NFdDtTfMRhxYPjG_P0>
Subject: Re: [saag] Side meeting on USG efforts to combat botnets, Wednesday at 3:15
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2017 14:05:17 -0000
Richard Barnes pointed to this I-D that looks pretty damn good here in terms of a floor for IoT technical requirements: https://tools.ietf.org/html/draft-moore-iot-security-bcp-01 On Tue, Jul 18, 2017 at 11:51 AM, Polk, Tim (Fed) <william.polk@nist.gov> wrote: > Folks, > > > > I have reserved the side meeting room (Tyrolka, Mezzanine Level) on > Wednesday from 3:15 – 4:30 for an informal discussion of an ongoing US > Government effort to combat botnets and other “automated, distributed > threats” to the Internet. This effort will produce a document that > identifies and promotes “action by appropriate stakeholders” by May of 2018. > Given that the USG does not own or operate the Internet, such an effort is > always at risk of creating shelfware, and I am too old to waste my time > that way. To ensure that actions identified in the report are pragmatic > and effective, I would like to encourage participation by members of this > community. > > > > If you have an interest, please join me in Tyrolka tomorrow afternoon or > catch me in the hallway between meetings. > > > > For those with an interest, here is some additional background > information, including an immediate opportunity to participate: > > > > Executive Order 13800, Strengthening the Cybersecurity of Federal Networks > and Critical Infrastructure, which was issued May 11, 2017, requires the > Secretaries of Commerce and Homeland Security to “jointly lead an open and > transparent process to identify and promote action by appropriate > stakeholders to improve the resilience of the internet and communications > ecosystem and to encourage collaboration with the goal of dramatically > reducing threats perpetrated by automated and distributed attacks (e.g., > botnets).” > > > > The executive order requires Commerce and DHS to issue a draft report in > 240 days (January 5, 2018) and submit a final report to the President one > year after issuance (May 11, 2018). Given this aggressive timeline, > there are several different (but hopefully complementary) workstreams > underway at Commerce and DHS that may be of interest. In particular: > > > > (1) The National Telecommunications and Information Administration (NTIA) > published a “Request for Comments on Promoting Stakeholder Action Against > Botnets and Other Automated Threats” on June 8. In the request, “NTIA > seeks broad input from all interested stakeholders—including private > industry, academia, civil society, and other security experts—on ways to > improve industry’s ability to reduce threats perpetuated by automated > distributed attacks, such as botnets, and what role, if any, the U.S. > Government should play in this area.” NTIA would definitely appreciate > comments from members of this community! > > > > Additional details may be in the full text of the request for comments, > found in > > https://www.gpo.gov/fdsys/pkg/FR-2017-06-13/pdf/2017-12192.pdf > > > > Note that the official comment period was extended to July 28 in > > https://www.gpo.gov/fdsys/pkg/FR-2017-06-22/pdf/2017-13034.pdf > > > > (2) Last week, NIST hosted a public workshop on “Enhancing Resilience of > the Internet and Communications Ecosystem”. 150 participants from a range > of industry sectors, civil society, and government participated in a day > and half workshop. The workshop explored a range of current and > emerging solutions to enhance the resiliency of the Internet against > automated, distributed threats. The workshop agenda is available at > > https://www.nist.gov/sites/default/files/documents/2017/ > 07/10/final-draft-agenda-resilience-workshop-070517.pdf > > > > NIST plans to summarize results in a workshop report for publication in > September 2017. > > > > Regards, > > > > Tim Polk > > > > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > > -- Joseph Lorenzo Hall Chief Technologist, Center for Democracy & Technology [https://www.cdt.org] 1401 K ST NW STE 200, Washington DC 20005-3497 e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
- [saag] Side meeting on USG efforts to combat botn… Polk, Tim (Fed)
- Re: [saag] Side meeting on USG efforts to combat … Joseph Lorenzo Hall
- Re: [saag] Side meeting on USG efforts to combat … Beth Flippo