IETF Logo Mail Archive

[secdir] Discussion from the Security Directorate

Fred Baker <fred@cisco.com> Mon, 27 July 2009 11:37 UTC

Return-Path: <fred@cisco.com>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B8C1A28C215 for <secdir@core3.amsl.com>; Mon, 27 Jul 2009 04:37:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -109.683
X-Spam-Level:
X-Spam-Status: No, score=-109.683 tagged_above=-999 required=5 tests=[AWL=0.316, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8ZMR4KRAOu6a for <secdir@core3.amsl.com>; Mon, 27 Jul 2009 04:37:02 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by core3.amsl.com (Postfix) with ESMTP id 0518628C1BA for <secdir@ietf.org>; Mon, 27 Jul 2009 04:37:00 -0700 (PDT)
X-Files: Recommendation of IPv6 Security work--on the flight-2.ppt : 32256
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ak0AAMMtbUqQ/uCLe2dsb2JhbACBUZguAQEWJAaeE4gojWQFhA2BTQ
X-IronPort-AV: E=Sophos; i="4.43,276,1246838400"; d="ppt'32?scan'32,208,32"; a="45902173"
Received: from ams-dkim-2.cisco.com ([144.254.224.139]) by ams-iport-1.cisco.com with ESMTP; 27 Jul 2009 11:37:01 +0000
Received: from ams-core-1.cisco.com (ams-core-1.cisco.com [144.254.224.150]) by ams-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id n6RBb0IU031900; Mon, 27 Jul 2009 13:37:00 +0200
Received: from dhcp-56c8.meeting.ietf.org (dhcp-10-61-101-160.cisco.com [10.61.101.160]) by ams-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id n6RBaxGQ014558; Mon, 27 Jul 2009 11:37:00 GMT
Message-Id: <633E561F-48D1-42DE-A310-9E77DB0A87F1@cisco.com>
From: Fred Baker <fred@cisco.com>
To: Tina TSOU <tena@huawei.com>
In-Reply-To: <B40EE4C2-93AE-45A3-89AA-8601BFC76346@huawei.com>
Content-Type: multipart/mixed; boundary="Apple-Mail-40--195521586"
Mime-Version: 1.0 (Apple Message framework v935.3)
Date: Mon, 27 Jul 2009 13:36:57 +0200
References: <EDC652A26FB23C4EB6384A4584434A04018CF83B@307622ANEX5.global.avaya.com> <B40EE4C2-93AE-45A3-89AA-8601BFC76346@huawei.com>
X-Mailer: Apple Mail (2.935.3)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=46607; t=1248694620; x=1249558620; c=relaxed/simple; s=amsdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fred@cisco.com; z=From:=20Fred=20Baker=20<fred@cisco.com> |Subject:=20Discussion=20from=20the=20Security=20Directorat e |Sender:=20; bh=xOalm+peeFE/s1aFM/GtQhy7SirzpmUFSxgE1uBNuYU=; b=vdrTJpWPAIKxN545DqRLJOtPNP9T6gWkQ3/vvyZvxLRARNMi6zL2NFFTUf mWAr3Y8rZptRakMvJRmkM20JHi0ZHhx/rbALdtBwpRrgdoFBWWFqzKF9WkId rvKL6jjMni;
Authentication-Results: ams-dkim-2; header.From=fred@cisco.com; dkim=pass ( sig from cisco.com/amsdkim2001 verified; );
Cc: 6man Chairs <6man-chairs@tools.ietf.org>, Joe Abley <jabley@ca.afilias.info>, 6man-ads@tools.ietf.org, secdir@ietf.org, Kurt Erik Lindqvist <kurtis@kurtis.pp.se>, Joel Jaeggli <joelja@bogus.com>, Softwire Chairs <softwire-chairs@tools.ietf.org>, v6ops-ads@tools.ietf.org, softwire-ads@tools.ietf.org, behave-ads@tools.ietf.org, Behave Chairs <behave-chairs@tools.ietf.org>
Subject: [secdir] Discussion from the Security Directorate
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jul 2009 11:37:03 -0000

Thanks, Tina. I will add this to the IPv6 Operations agenda, probably  
during our second session Tuesday.

You will note that I am copying the chairs and ADs from several  
working groups. The reason is that the primary thrust of the comments  
you are making apply to work being done in those working groups. Slide  
5 specifically requests a threat analysis, security assessment, and  
"function recommendation" on each transition technology; these are in  
fact being done in behave and softwires. I mention 6man because  
marketing blather from the IPv6 form makes security claims for IPv6,  
which it would be good if that working group clarified.

I do have to ask specifically what the Security Directorate hopes to  
find in the three documents that have been requested for each of these  
various technologies. What, specifically, is a "function  
recommendation"? A threat analysis is a statement that there exist a  
set of possible threats. Is a security assessment a statement about  
how those threats are responded to? What, if the WGs don't produce it,  
is going to leave the Security Directorate feeling ill-used?

On Jul 27, 2009, at 12:56 PM, Tina TSOU wrote:

>
> B. R.
> ">http://tinatsou.weebly.com/contact.html

> Begin forwarded message:
>
>> From: "Romascanu, Dan (Dan)" <dromasca@avaya.com>
>> Date: July 27, 2009 7:52:20 AM GMT+02:00
>> To: Ron Bonica <rbonica@juniper.net>
>> Cc: Tina TSOU <tena@huawei.com>
>> Subject: FW: [OPS-DIR] Reminder: OPS-DIR working lunch
>>
>> Ron,
>>
>> This looks more like an opsec (who are not meeting this time) or  
>> v6ops
>> subject.
>>
>> Dan
>>
>>
>> -----Original Message-----
>> From: Tina TSOU [mailto:tena@huawei.com]
>> Sent: Monday, July 27, 2009 12:02 AM
>> To: Romascanu, Dan (Dan)
>> Subject: Re: [OPS-DIR] Reminder: OPS-DIR working lunch
>>
>> Hi Dan,
>> Could this be discussed at OPS-DIR working lunch?
> <Recommendation of IPv6 Security work--on the flight-2.ppt>
> <ATT4180184.txt>
>

v2.23.0 | Report a Bug | By Email