Re: [Smart] SMART meeting at IETF 105
Kirsty P <Kirsty.p@ncsc.gov.uk> Thu, 18 July 2019 09:05 UTC
Return-Path: <Kirsty.p@ncsc.gov.uk>
X-Original-To: smart@ietfa.amsl.com
Delivered-To: smart@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 663C9120178 for <smart@ietfa.amsl.com>; Thu, 18 Jul 2019 02:05:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ncsc.gov.uk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g-Yviy6VoKRE for <smart@ietfa.amsl.com>; Thu, 18 Jul 2019 02:05:41 -0700 (PDT)
Received: from GBR01-CWL-obe.outbound.protection.outlook.com (mail-eopbgr110097.outbound.protection.outlook.com [40.107.11.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B742112016D for <smart@irtf.org>; Thu, 18 Jul 2019 02:05:40 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SvtSICVMmhuHSawC4GhPpdTc/sAdP0PNJtRjR3xO9AIKhCezRwvkfb3QJR6AAENuhBcEaz0izQ2rm1qiqSSfoX4Yn+Tq/Nm4XN7txeAB47ylpx2UZ8alYoCgMdRfkAgM/fFGjfzMRyluKsWvsVQBjdguux3w0Fwavvq8odIme38Yr177YNOrgCJnqTATMdnnb8LfcFYTR5VlQd1qVJpKi3a4T6a6aAespIJbhJxqwYWjMaKazo+3BJxA+rzWcQUfaBb4a0kZxZjm+C5mwtYdv9ZcAVaMVCuQIsSawA+Qgt6VkZbJ3c6XIxV9+APQGKF7wTGtXgPsF1j9K1dakQATsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CIOBBppyAcCekXdSFxX7HsoGfjJC8ALGc7XQ6sSQVIU=; b=ncJiaOJIfVzUnV5U/HxhzcQHsRlO8jh/zgfhW5x/cKTslbn47+g2l4YGu7xmnUoDDmlswg3ujWvi/k0ejcMovgkSihlS3KwVGvA0laH5bnFE8rvbtJ9WHe4lLKLD3XLbHJAtzg8DRW8orGjjjLrqWsaEZOR8aZR6meBht+fO4UQONe1PJ2BFhoErU4q1GTEWtJgH7/FYxq2zuYFmxGRpXVTP9ge5iwz509QptEQdQb+cIe+wCrX5Rls//fsCjaGuInPio8Imetx1IUjBwtro3uHngB2cvJSrwY3FTVMjTWD3jIezHhc6n567rx9dGcZhJ3Nyh5quleaVpyt7KX/K3A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=ncsc.gov.uk;dmarc=pass action=none header.from=ncsc.gov.uk;dkim=pass header.d=ncsc.gov.uk;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ncsc.gov.uk; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CIOBBppyAcCekXdSFxX7HsoGfjJC8ALGc7XQ6sSQVIU=; b=UgeB0JM+K3Dems/NkYFNxGhqtZJhgB5fQDU3zOpKden5FIH7vUi7ohATVk6pQODzOOxlWPQjHJLzAxwYeBlmIbLq9bEibRWqERmakk+xEyOdTmSEIACxgpa+jLVsZDobyyGq+hKC7pkGSIQdXnBDREGddEhIs7+3K/S/bj8QOtM=
Received: from LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM (20.176.156.14) by LO2P123MB1693.GBRP123.PROD.OUTLOOK.COM (20.176.154.212) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.12; Thu, 18 Jul 2019 09:05:37 +0000
Received: from LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM ([fe80::2cbc:76fa:96ae:d4dd]) by LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM ([fe80::2cbc:76fa:96ae:d4dd%3]) with mapi id 15.20.2073.012; Thu, 18 Jul 2019 09:05:37 +0000
From: Kirsty P <Kirsty.p@ncsc.gov.uk>
To: Kirsty P <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>, "smart@irtf.org" <smart@irtf.org>
Thread-Topic: SMART meeting at IETF 105
Thread-Index: AQHVPHi+JXYb+6dMW06Yy8pMgLn3fKbQFeoV
Date: Thu, 18 Jul 2019 09:05:37 +0000
Message-ID: <LO2P123MB1727636D9187E8E4E0199133D7C80@LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM>
References: <LO2P123MB17279FC615A3C1795CFDE12DD7C90@LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM>
In-Reply-To: <LO2P123MB17279FC615A3C1795CFDE12DD7C90@LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Kirsty.p@ncsc.gov.uk;
x-originating-ip: [51.140.114.144]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e8859ed3-f5b5-4c0a-10c7-08d70b5f19c0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:LO2P123MB1693;
x-ms-traffictypediagnostic: LO2P123MB1693:
x-ms-exchange-purlcount: 7
x-microsoft-antispam-prvs: <LO2P123MB1693E94AFA166AC1557267C4D7C80@LO2P123MB1693.GBRP123.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 01026E1310
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(39850400004)(136003)(396003)(346002)(366004)(376002)(13624006)(189003)(199004)(64756008)(66476007)(66946007)(66446008)(66556008)(966005)(2906002)(66574012)(76116006)(19627405001)(52536014)(9686003)(14444005)(256004)(25786009)(6306002)(236005)(66066001)(3846002)(6116002)(33656002)(55016002)(54896002)(5660300002)(478600001)(8676002)(74316002)(7736002)(53936002)(110136005)(81166006)(86362001)(14454004)(6506007)(26005)(11346002)(186003)(81156014)(229853002)(476003)(6246003)(68736007)(446003)(99286004)(76176011)(486006)(2501003)(7696005)(71200400001)(71190400001)(6436002)(606006)(53546011)(55236004)(105004)(8936002)(316002)(102836004); DIR:OUT; SFP:1102; SCL:1; SRVR:LO2P123MB1693; H:LO2P123MB1727.GBRP123.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ncsc.gov.uk does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 9/d/DiyIWb1p+fW3whzUFuhPDWOsNV4NedUadLTSUnlRZwnR7IWq9l5B/q8B66QFlFkIlcn8Q5ktfgjfiYO5AODzw/AnoEkkYskmwvdJUVfZMZXN//4GiWXSe5Ziga17A7nsDQFxOjlp1wHHljAytufF/ShhWjUKAvI49y+1xvqQ3mrCQcbKY6HTPrs2okweO5wAbYEX1B8RoxVhUXv3xPLvz7CwY/Tr0NoxUeoIbv/+3V8qub3PVixInHAhtVDHM83AQqlIdLZgIfcsEVPeKg6f8kQWlxHck1w0F8di/2BEwTkh1ZjTlHQ5E1OIefK4hlvhLny45PG9Lb4nWsy07gJZ08MBMj7Z04aXXLKiP/ufbdXp3s12hHZNRe9US9m7zqQVNUvmrQCB/uvhqc1/qGDPpYkT3CwgH6UiCjRRjN0=
Content-Type: multipart/alternative; boundary="_000_LO2P123MB1727636D9187E8E4E0199133D7C80LO2P123MB1727GBRP_"
MIME-Version: 1.0
X-OriginatorOrg: ncsc.gov.uk
X-MS-Exchange-CrossTenant-Network-Message-Id: e8859ed3-f5b5-4c0a-10c7-08d70b5f19c0
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jul 2019 09:05:37.6791 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: kirsty62596@ncsc.gov.uk
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P123MB1693
Archived-At: <https://mailarchive.ietf.org/arch/msg/smart/3V5iNx3y3LH-tsDX5BkqLxWjhLg>
Subject: Re: [Smart] SMART meeting at IETF 105
X-BeenThere: smart@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Stopping Malware And Researching Threats <smart.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/smart>, <mailto:smart-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smart/>
List-Post: <mailto:smart@irtf.org>
List-Help: <mailto:smart-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/smart>, <mailto:smart-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2019 09:05:46 -0000
SMART folks, Just to note that this will be a *side* meeting at IETF 105 - this also means you won't see it in the main agenda. Apologies for any confusion! Kirsty ________________________________ From: Smart <smart-bounces@irtf.org> on behalf of Kirsty P <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org> Sent: 17 July 2019 10:24 To: smart@irtf.org Subject: [Smart] SMART meeting at IETF 105 SMART folks, We will be meeting at IETF 105 on Wednesday 24th July 09:00-10:30 ET in the C2 room (21st Floor). The meeting will include plans for the group going forward and discussion of the six drafts under SMART themes, listed below. Everyone is welcome to join and we looking forward to seeing you there! Kirsty ====== draft-taddei-smart-cless-introduction * Also known as CLESS: Capabilities and Limitations of Endpoint Security Solutions: https://datatracker.ietf.org/doc/draft-taddei-smart-cless-introduction/<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-taddei-smart-cless-introduction%2F&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825534785&sdata=jZ3q0baYXavrEKEK1BBdcvmGL96mIpNfTZnKj74ak7Q%3D&reserved=0> * CLESS attempts to establish the capabilities and limitations of endpoint-only security solutions and explore potential alternative approaches. draft-mcfadden-smart-endpoint-taxonomy-for-cless * Endpoint Taxonomy for CLESS: https://datatracker.ietf.org/doc/draft-mcfadden-smart-endpoint-taxonomy-for-cless/<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-mcfadden-smart-endpoint-taxonomy-for-cless%2F&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825534785&sdata=%2Bq7KjYGFVA6OrEDo29b9R2np4Gk0407W43SoOKGDHNQ%3D&reserved=0> * CLESS discusses endpoints in general terms. It has been suggested that there are classes of endpoints that have different characteristics. Those classes may have completely different threat landscapes and the endpoints may have completely different security capabilities. In support of the work on CLESS, this document provides a taxonomy of endpoints that is intended to provide a foundation for further work on CLESS and research on approaches to providing endpoint security alternatives in a diverse group of settings. draft-sasse-smart-secui-questions * Open Questions in Supporting Secure User Interactions: https://github.com/smart-rg/drafts/blob/master/draft-sasse-smart-secui-questions.txt<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fsmart-rg%2Fdrafts%2Fblob%2Fmaster%2Fdraft-sasse-smart-secui-questions.txt&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825544786&sdata=sHZWXaSXuJmvjulb5Xxk5uEOnJRG5KNLIf%2FfWQ3Klu8%3D&reserved=0> * Describes open questions in supporting usable security at the UI level. The questions are split into defining a set of manageable security tasks for countering the most common attacks, and the UI elements for signalling whether an intended action is secure. draft-lazanski-smart-users-internet * An Internet for Users Again: https://datatracker.ietf.org/doc/draft-lazanski-smart-users-internet<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-lazanski-smart-users-internet&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825544786&sdata=Jx%2Foo%2FiV%2BT8YNWIPtB1RnRKEMP6pMeA5KLHyD7SmlVc%3D&reserved=0> * RFC 3552 introduces a threat model that does not include endpoint security. In the fifteen years since RFC 3552 security issues and cyber attacks have increased, especially on the endpoint. This document proposes a new approach to Internet cyber security protocol development that focuses on the user of the Internet, namely those who use the endpoint and are the most vulnerable to attacks. draft-moriarty-caris2 * Coordinating Attack Response at Internet Scale 2 Report: https://datatracker.ietf.org/doc/draft-moriarty-caris2/<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-moriarty-caris2%2F&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825554782&sdata=GKx9yoWTJtlemk9ps7VsCMt40tJ8vpzGoUmlainlHAw%3D&reserved=0> * Coordinating Attack Response at Internet Scale (CARIS) 2 (https://www.internetsociety.org/events/caris2<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.internetsociety.org%2Fevents%2Fcaris2&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825554782&sdata=bIwnGlgPhaKUKtcOZaOebmpSWRDJ6eymg%2FGl4fTAkVo%3D&reserved=0>), sponsored by the Internet Society, took place 28 February and 1 March 2019 in Cambridge, Massachusetts, USA. Participants spanned regional, national, international, and enterprise CSIRTs, operators, service providers, network and security operators, transport operators and researchers, incident response researchers, vendors, and participants from standards communities. draft-mcfadden-smart-rfc3552-research-methodology * Methodology for Researching Security Considerations Sections: https://datatracker.ietf.org/doc/draft-mcfadden-smart-rfc3552-research-methodology<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-mcfadden-smart-rfc3552-research-methodology&data=02%7C01%7Ckirsty.p%40ncsc.gov.uk%7C7a3ee571969e4ec8956708d70a9897cf%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C636989522825564773&sdata=scPL1tRC%2FZGwQ4j%2BZeESEhHVKDdlQsIBcb%2BcyuOdZXA%3D&reserved=0> * RFC3552 provides guidance to authors in crafting RFC text on Security Considerations. The RFC is more than fifteen years old. With the threat landscape and security ecosystem significantly changed since the RFC was published, RFC3552 is a candidate for update. This draft proposes that, prior to drafting an update to RFC3552, an examination of recent, published Security Considerations sections be carried out as a baseline for how to improve RFC3552. It suggests a methodology for examining Security Considerations sections in published RFCs and the extraction of both quantitative and qualitative information that could inform a revision of the older guidance. This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk. All material is UK Crown Copyright ©
- [Smart] SMART meeting at IETF 105 Kirsty P
- Re: [Smart] SMART meeting at IETF 105 Kirsty P