IETF Logo Mail Archive

Re: [Smart] Future of SMART

"Diego R. Lopez" <diego.r.lopez@telefonica.com> Fri, 07 June 2019 17:52 UTC

Return-Path: <diego.r.lopez@telefonica.com>
X-Original-To: smart@ietfa.amsl.com
Delivered-To: smart@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C9AC12018E for <smart@ietfa.amsl.com>; Fri, 7 Jun 2019 10:52:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=telefonica.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OpBGWZN_AbFx for <smart@ietfa.amsl.com>; Fri, 7 Jun 2019 10:52:33 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60103.outbound.protection.outlook.com [40.107.6.103]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B7951200D5 for <smart@irtf.org>; Fri, 7 Jun 2019 10:52:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telefonica.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2HL2vSZEekEhF8+nDTtpgiYXrwxpn46rmQ2ehR1IC9c=; b=fQLHoMA9nGZVpO7JSAXj/bULWZJPxtyvj8I2mLIX6FrxqeImfAb4gJeSfXJ2OcxTIR3UClqe13ck8ta0mYL3xn9Pj9GGDOzsyK31bNc9v+WhiTwpUaZA2LK/ziIHCH3fHS3hJnnCsAw20FILMT0/PCJ3x5WMuLP08EZq70k7k8o=
Received: from DB3PR0602MB3788.eurprd06.prod.outlook.com (52.134.70.148) by DB3PR0602MB3689.eurprd06.prod.outlook.com (52.134.71.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1965.12; Fri, 7 Jun 2019 17:52:15 +0000
Received: from DB3PR0602MB3788.eurprd06.prod.outlook.com ([fe80::10a7:71dd:5995:723d]) by DB3PR0602MB3788.eurprd06.prod.outlook.com ([fe80::10a7:71dd:5995:723d%3]) with mapi id 15.20.1965.011; Fri, 7 Jun 2019 17:52:15 +0000
From: "Diego R. Lopez" <diego.r.lopez@telefonica.com>
To: Kirsty P <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>, "smart@irtf.org" <smart@irtf.org>
Thread-Topic: [Smart] Future of SMART
Thread-Index: AQHVHVm9D9yytP9U7EidLccdCpZY7A==
Date: Fri, 07 Jun 2019 17:52:15 +0000
Message-ID: <EFC3FB41-DCC4-4082-9897-60F6B7C00BBC@telefonica.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.10.a.190512
authentication-results: spf=none (sender IP is ) smtp.mailfrom=diego.r.lopez@telefonica.com;
x-originating-ip: [88.6.226.182]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 35d3b16d-8d00-4768-a66e-08d6eb70e065
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:DB3PR0602MB3689;
x-ms-traffictypediagnostic: DB3PR0602MB3689:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <DB3PR0602MB3689D2D8A5413482F70E3514DF100@DB3PR0602MB3689.eurprd06.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0061C35778
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(346002)(136003)(396003)(376002)(39860400002)(199004)(189003)(40134004)(316002)(6246003)(786003)(81166006)(2616005)(58126008)(3846002)(26005)(8936002)(99286004)(476003)(36756003)(53936002)(478600001)(2906002)(6506007)(45080400002)(71200400001)(6486002)(6306002)(54896002)(71190400001)(6436002)(33656002)(236005)(82746002)(6512007)(83716004)(81156014)(66476007)(66946007)(68736007)(486006)(102836004)(606006)(186003)(110136005)(91956017)(66556008)(64756008)(66446008)(14454004)(76116006)(14444005)(966005)(2501003)(256004)(6116002)(790700001)(25786009)(229853002)(66574012)(8676002)(5660300002)(86362001)(66066001)(7736002)(73956011)(19607625011); DIR:OUT; SFP:1102; SCL:1; SRVR:DB3PR0602MB3689; H:DB3PR0602MB3788.eurprd06.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: telefonica.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 7yfMUEwgvGmOEMOsp6aVEdJ2+yvdcLOJ0eKDPIDN0ExQKRIxmc1WWFxTvruwuU+GoczfJijYkgqqopd1UymftNpxA0CHnb1aIpgBLyGcVs1V49KNk2S6t/LVi79SpJSTyAJ+9oHrkrjp75s0GYOS6uCcy4EqfFfmEL2SC2/CgoqQlXC6ez9/fXjGPdaVJXbnRwRE1q9bx1TspaguRSo8OOTIdF7b6CuRzKeYgtpyD0GfPZrMiQLEUCxPxTr8CMcQLHh2TcilGKWH2nVaOPdo0qqSngBxkfFA1oBlO/nJSvpaOMJDipjkeIQQQfaEYSOpNsg4+h5x/cYGNmR04Ap73tnochAu2PjcYWMxUroEoiQbqU1/DS31DQmV+G19N1zlqn851hxu/csyjrh5nibL4A/JW4zg/Lk/8jJ6UtdbQM4=
Content-Type: multipart/alternative; boundary="_000_EFC3FB41DCC44082989760F6B7C00BBCtelefonicacom_"
MIME-Version: 1.0
X-OriginatorOrg: telefonica.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 35d3b16d-8d00-4768-a66e-08d6eb70e065
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jun 2019 17:52:15.1897 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9744600e-3e04-492e-baa1-25ec245c6f10
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: diego.r.lopez@telefonica.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR0602MB3689
Archived-At: <https://mailarchive.ietf.org/arch/msg/smart/2jSVONqcS7SI7GBqXpvitUzpeuI>
Subject: Re: [Smart] Future of SMART
X-BeenThere: smart@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Stopping Malware And Researching Threats <smart.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/smart>, <mailto:smart-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smart/>
List-Post: <mailto:smart@irtf.org>
List-Help: <mailto:smart-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/smart>, <mailto:smart-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jun 2019 17:52:37 -0000

Hi Kirsty,

Sorry to hear that SMART was not able to break the cybersecurity “glass ceiling” that has been part of the IETF idiosyncrasy for so long time. Looking at the attendance in Prague and the opinions I heard from many people there I had some hope this time would be… Count on me for any further steps.

Be goode,

--
"Esta vez no fallaremos, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
https://www.linkedin.com/in/dr2lopez/

e-mail: diego.r.lopez@telefonica.com<mailto:diego.r.lopez@telefonica.com>
Tel:         +34 913 129 041
Mobile:  +34 682 051 091
----------------------------------

On 06/06/2019, 08:24, "Smart on behalf of Kirsty P" <smart-bounces@irtf.org<mailto:smart-bounces@irtf.org> on behalf of Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org<mailto:Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>> wrote:

I'm sorry to say that SMART is not holding a formal meeting at IETF 105 in Montreal; the charter we
proposed was not viewed as defining a programme of research activity suitable for the IRTF. Despite
the attendance and interest at SMART's previous meeting at IETF 104 in Prague*, acknowledgement that
the IETF’s current security threat model is outdated and under-researched, and contributions of
new academic research on SMART topics, it has not been possible to secure a formal meeting at IETF
105 as a proposed IRTF RG.

We plan to arrange a side-meeting in Montreal to review the drafts currently in development and
discuss the way forward.  Work on the CLESS draft and research projects from CARIS2 will continue
and the shape they take may guide the decision for a way forward.

We will continue to welcome the knowledge and experience of cyber security experts on this list and
encourage these experts to attend IETF and IRTF meetings because their expertise is not commonplace
there.  This means both assisting with developing drafts towards the goals of SMART and outcomes
from CARIS2, but also integrating into working and research groups to assist with security
improvements in developing work. For those who are already regular participants in the IRTF, we hope
that you will welcome newcomers who are experts in their own field and learn from what they
contribute. We encourage experts to post individual drafts on the topic of detecting and mitigating
cyber attack threats, and where these drafts have no natural home in the IETF (and struggle to find
one), to cross-post to SMART. SMART and its base will still aim to bring the cyber defence viewpoint
and expertise into IETF groups more consistently.

Finally, a minor success. When I (Kirsty) first attended an IETF meeting, one concerning security
aspect that stood out for me was the IETF view of the Internet threat model, which bizarrely doesn't
major on the vast scale and variety of cyber attacks we see today. Now there are two drafts
discussing this threat model and its need to be updated: draft-arkko-arch-internet-threat-model and
draft-farrell-etm. Both drafts start a needed analysis of Internet security, which will need to be
supported by robust research. Although the IRTF will not presently support the creation of a RG to
stimulate research in this area, the SMART non-working group mailing list can still be a place to
bring and share evidence on protocol-enabled attacks.

Thank you to everyone who continues to support improving cyber defence on the Internet. We hope that
SMART has started enough conversations that, in future, every person who designs a part of the
Internet will have a solid knowledge of attack defence. Ultimately, however SMART work happens and
whoever leads the effort, the need to improve security and reduce all types of attacks (and not
create new ones!) should be the most important priority for the people who design the Internet.

Kirsty & Kathleen


*We were the 10th most attended session of the week, with 150 people at the meeting and roughly half
of the room willing to work on these topics.
This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk

________________________________

Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.

The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.

Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição

v2.23.0 | Report a Bug | By Email