Re: [saag] Dots BOF and using data models for threat

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Tue, 24 March 2015 18:52 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B65BF1A8A80 for <saag@ietfa.amsl.com>; Tue, 24 Mar 2015 11:52:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Gkjo9fpUQgR for <saag@ietfa.amsl.com>; Tue, 24 Mar 2015 11:52:12 -0700 (PDT)
Received: from mail-la0-x236.google.com (mail-la0-x236.google.com [IPv6:2a00:1450:4010:c03::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72C171A8AA5 for <saag@ietf.org>; Tue, 24 Mar 2015 11:51:52 -0700 (PDT)
Received: by labto5 with SMTP id to5so1699701lab.0 for <saag@ietf.org>; Tue, 24 Mar 2015 11:51:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=tAMwtzi/2w/Zyhw/T3BnucBDaQPuHVT12n7mjOhKE70=; b=gtlBY63dPHnAyDtZ+E5GInmQSdEwfi2rMO3rsHcFX5lKJcQuI+SGymLWsxIkcqGtda Gc+svknqqLkHI8dzxLyM/BODvFCQwzhgUPhWboEZGBlmVDUgTQREhj1M30KETQJ6eV3R E1L33OrZu24lagAt8HJAn9WohNEEAJpR1NDtypLXQHnw69cWzA7kpPMepLU3irgtfmvo bquj95U6Wdvez8YNrPkEV6OXQBcz/ksGY0Wp0WktSZ0u2h+/hdEYt0yYQ8gLIZdP8OGq fOloRNYR8Qyoa07MLRGyJqavJ1uyMSudA9A0cnnWeH7TFb/4Fa5wk0AGwo+NVF/HMF0p aw5w==
MIME-Version: 1.0
X-Received: by 10.152.25.132 with SMTP id c4mr5042138lag.4.1427223110864; Tue, 24 Mar 2015 11:51:50 -0700 (PDT)
Received: by 10.112.167.101 with HTTP; Tue, 24 Mar 2015 11:51:50 -0700 (PDT)
In-Reply-To: <CADZyTkk5h8MSmUxmpU4s-o_+NDf_CDjUCh2-co5sgO6eFp_1yA@mail.gmail.com>
References: <CADZyTkk5h8MSmUxmpU4s-o_+NDf_CDjUCh2-co5sgO6eFp_1yA@mail.gmail.com>
Date: Tue, 24 Mar 2015 14:51:50 -0400
Message-ID: <CAHbuEH5LUT8BJpjQS2oGuBZdkbdPbQG3xY+aRJwKhn4rQT3uyQ@mail.gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
To: Daniel Migault <mglt.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="089e0160b9b089d4ea05120d462c"
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/c0f7KhVXZrL5tOVNuO-KU6W3JAE>
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] Dots BOF and using data models for threat
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Mar 2015 18:52:14 -0000

Thanks for your comment.  There is a list for DOTS, so let's continue the
conversation on that list. If you are interested and have not joined the
list, please do so.  The BoF is in the next meeting slot.

Could you resend your message to dots@ietf.org?

Thanks!

On Tue, Mar 24, 2015 at 2:49 PM, Daniel Migault <mglt.ietf@gmail.com> wrote:

> Hi,
>
> Looking at the coming BOF on DDoS, I would be interested to have opinions
> on whether using an information model to describe the threats would be
> useful to derive the appropriated events to track/measure. Appropriated
> alarms could be reported in order to take the appropriated mitigating
> actions.
>
> I believe questions could be:
>     - 1) Your opinion on feasibility and level of complexity?
>     - 2) Your opinion on advantages in term of management, deployment...?
>
>     - 3) Your opinion on how it could ease addressing future threats?
>
> Feel free to make any additional comments!
>
> --
> Daniel Migault
> Ericsson
>
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
>
>


-- 

Best regards,
Kathleen