Re: [Secdispatch] [Smart] New Version Notification for draft-lazanski-smart-users-internet-00.txt

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Sun, 14 July 2019 02:07 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D858120071 for <secdispatch@ietfa.amsl.com>; Sat, 13 Jul 2019 19:07:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2GVjyN-L3QKY for <secdispatch@ietfa.amsl.com>; Sat, 13 Jul 2019 19:07:18 -0700 (PDT)
Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FC9312006F for <Secdispatch@ietf.org>; Sat, 13 Jul 2019 19:07:18 -0700 (PDT)
Received: by mail-ot1-x334.google.com with SMTP id 66so268010oth.7 for <Secdispatch@ietf.org>; Sat, 13 Jul 2019 19:07:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mEZp7X4OuIA0tRChvK/Iq6BBGVxq+m4r/lH7sEp8AXk=; b=lyQsQ7eBDmt8diMHOGqnWgaUzh7GxUgs3S5CBIKaDqUz4jx+xzaQkJC1wIOzEH+nYm Qx4Ndr/mLWCjTehl1DPk4yUJle5eVYDYq+wYjP17xAcVuccJAUyY3XErTBn36bYw3UYA DHCJ+29EK+gOkBW/0z0G6sqkuLykZsvrsYxNf94M22PafPqpmazjQqtNTTOofLNeBUW7 tBopFewvw7tSmh5fjp57jU+Wq5JpCLw2fdCds0zpepPGdMm/xjmLVD8OX1phcj0HiWTd iPdvPlO6MAtX41yOPl3Wah9sCzlHuJDchqQW5Ho/Lor3ysFIsg5hSxkdcMlRgptA9IEl NiMQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mEZp7X4OuIA0tRChvK/Iq6BBGVxq+m4r/lH7sEp8AXk=; b=WJLY/Nih3iPNNhk05Tg9bnJqq+TiJlu5GNRrw7NV9Qb4g5VRis0uZE3yLkMJWbIY3+ V7T5FNb0UM8/VIESiL4hdfimp1sHPZHBGvR0lh4f8w8J6krvP8JHKZnyneETgn2KjSJn ps+vnTKdUpG+8dOcK4NtnIyWDnWaJtgupWzOeltZE8VB6kW06YDp1ZzmoxQxAlSf/fzU ryLTC2W9IC7TpwzwBe7QB9BJOeGeQiDC0FmRw90r8R3LEbIl7t9grxWGp4FSfF/CrPX7 9D0f5/nJd7aABlUBXT03R0LsAubf5AZuDg2gRBhHAuMZ3oSU9Xd4QgYWEzFoAG8vFlwQ aJHA==
X-Gm-Message-State: APjAAAUec/cBA0fctVNbsw5EIMz7jWpExBIwJPBNJ/YlTWmy2pFm1hWj K5Yhr16FfBIowuAXfKoSRUIZ1WsLcPxUjtLTuRQdelMo
X-Google-Smtp-Source: APXvYqyCL9XIQUtZHksCv7melyD/YUezsTw8nl8E4TZ+xmMjoutJNkFZCdUR8cQrF+i99H81Rr92uOzR5pkwFv84VV0=
X-Received: by 2002:a9d:76ce:: with SMTP id p14mr4586130otl.342.1563070037366; Sat, 13 Jul 2019 19:07:17 -0700 (PDT)
MIME-Version: 1.0
References: <0A8948DB-F97C-4F68-9173-7E627FB5019C@lastpresslabel.com> <4B10655B-8753-4B10-ACC9-16D7F78AD9F9@gmail.com> <CAMm+Lwh3KW6ZBbMktwmLcKyY8=_ysLYJF_7MsAuiOat6baQ=Kg@mail.gmail.com> <B551EF79-7E6E-4C4E-ADCA-6538F7972222@gmail.com> <CAMm+Lwg+2RFiXK43nJv7pD3OgM8y=ziVYxBkXD3F2kJyz37SxQ@mail.gmail.com> <50E59504-CA00-4792-AA72-FC08051E2486@gmail.com>
In-Reply-To: <50E59504-CA00-4792-AA72-FC08051E2486@gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Sat, 13 Jul 2019 22:06:58 -0400
Message-ID: <CAHbuEH5WUv-a4nKt5YAZosO-vE773Jh3xn1+-hA=4J7RBERc3g@mail.gmail.com>
To: Dominique Lazanski <dml@lastpresslabel.com>
Cc: smart@irtf.org, IETF SecDispatch <Secdispatch@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000561c80058d9a9a54"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/RhKXy8Uzbsmbt6tnnDcM9yCfUkQ>
Subject: Re: [Secdispatch] [Smart] New Version Notification for draft-lazanski-smart-users-internet-00.txt
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Jul 2019 02:07:20 -0000

Dominique,

Thank you for your work on this draft.  It's a good start toward broadening
the conversation on the Internet threat model and I do agree that is
necessary.

The other recent threat model drafts don't cover the points raised, but
none of the three threat model drafts cover all threats. I'm not sure if
there are other threat model drafts I have missed as well.

I like the focus, but think as the draft goes on, broadening the scope to
look at the full threat model would be very helpful towards something the
IETF participants might buy into (I could be wrong here, but this is what I
suspect).  We can't look solely at the end point as the IETF is concerned
mostly with on-the-wire protocols.  In some RFCs, there are clear
requirements on end point security, but this is not particularly common.
It would be good to see the sort of changes proposed added into a revision
of 3552 in my opinion.  However, we do need to think about surveillance and
other threats too.  One of DKG's points from a panel at RSA was that boxes
that intercept traffic and are capable of decrypting that traffic is a
target rich environment.  I agree with that point.

We are in a tough spot as crypto has become stronger, but the endpoints
have not become more secure or even capable of detecting the threats that
were blocked in-the-middle previously.  I think adding this point into your
draft would be helpful as we (as a community) rethink the threat model.

I'd be very happy to discuss this further.

Also - is this a request to present at SecDispatch?

Thank you,
Kathleen

Sorry for the top-post, but I was not responding the the thread besides
Dominique's initial message.


>>> On Jul 8, 2019, at 12:54 PM, Dominique Lazanski <dml@lastpresslabel.com>
>>> wrote:
>>>
>>> Cross posting to this mailing list.
>>>
>>> Dominique
>>>
>>> A new version of I-D, draft-lazanski-smart-users-internet-00.txt
>>> has been successfully submitted by Dominique Lazanski and posted to the
>>> IETF repository.
>>>
>>> Name:        draft-lazanski-smart-users-internet
>>> Revision:    00
>>> Title:        An Internet for Users Again
>>> Document date:    2019-07-08
>>> Group:        Individual Submission
>>> Pages:        12
>>> URL:
>>> https://www.ietf.org/internet-drafts/draft-lazanski-smart-users-internet-00.txt
>>> Status:
>>> https://datatracker.ietf.org/doc/draft-lazanski-smart-users-internet/
>>> Htmlized:
>>> https://tools.ietf.org/html/draft-lazanski-smart-users-internet-00
>>> Htmlized:
>>> https://datatracker.ietf.org/doc/html/draft-lazanski-smart-users-internet
>>>
>>>
>>> Abstract:
>>>   RFC 3552 introduces a threat model that does not include endpoint
>>>   security. In the fifteen years since RFC 3552 security issues and
>>>   cyber attacks have increased, especially on the endpoint. This
>>>   document proposes a new approach to Internet cyber security protocol
>>>   development that focuses on the user of the Internet, namely those
>>>   who use the endpoint and are the most vulnerable to attacks.
>>> --
>>> Smart mailing list
>>> Smart@irtf.org
>>> https://www.irtf.org/mailman/listinfo/smart
>>>
>>>
>>> _______________________________________________
>>> Secdispatch mailing list
>>> Secdispatch@ietf.org
>>> https://www.ietf.org/mailman/listinfo/secdispatch
>>>
>>
>>
> _______________________________________________
> Secdispatch mailing list
> Secdispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/secdispatch
>


-- 

Best regards,
Kathleen