Re: [Smart] Draft Charter For SMART Proposed RG
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 28 September 2018 22:43 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: smart@ietfa.amsl.com
Delivered-To: smart@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DBAFE130E07 for <smart@ietfa.amsl.com>; Fri, 28 Sep 2018 15:43:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zHLcLedpuxrN for <smart@ietfa.amsl.com>; Fri, 28 Sep 2018 15:43:33 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB67E127133 for <smart@irtf.org>; Fri, 28 Sep 2018 15:43:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id A7E10BE55; Fri, 28 Sep 2018 23:43:29 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KySkM3NBms0q; Fri, 28 Sep 2018 23:43:26 +0100 (IST)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 31E4FBE51; Fri, 28 Sep 2018 23:43:24 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1538174606; bh=gRDcdxWHL/Xy/PE+Nxm/Pjf6G25ne4/OqaPGpjnGsOg=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=PRjOMK+2wcZNFB0pJhk2nrQ2g4ftSSVVZP+YrS4V3WxWhvpSsZqzrpkkY6Ge//wvu Cn9nXwWzgHjuMRiBX1YKS/Nma5VRYKWxfljViQjKv10VQpn1AaAAx2ELoRdPM5d10D d1pC519H9LNH0bajkLQQK922MAqNjcZBLCGNe+/M=
To: Bret Jordan <jordan.ietf@gmail.com>, "David McGrew (mcgrew)" <mcgrew@cisco.com>
Cc: "smart@irtf.org" <smart@irtf.org>, Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, "Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org" <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>
References: <MMXP123MB0847E55749751AA12D26DBFAD7150@MMXP123MB0847.GBRP123.PROD.OUTLOOK.COM> <B681C76A-CE1F-4C4B-8389-658A01D0E77E@gmail.com> <064F1F53-248C-4BBD-8C2D-59A4F71874DB@cisco.com> <CAHbuEH5hgU0dGn=bcz8zA9Vr3S01W1UpsBH_EiBcD6pzDHLthw@mail.gmail.com> <AFBF879B-7638-4B83-B986-FC12C44753E3@cisco.com> <1C0FF090-9AE0-4D99-8E4D-57893643785C@gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= xsFNBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABzTJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsLBgAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxM7BTQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAcLBZQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <b1d39c5d-4d49-303d-559d-f365d42dd8bc@cs.tcd.ie>
Date: Fri, 28 Sep 2018 23:43:19 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <1C0FF090-9AE0-4D99-8E4D-57893643785C@gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="uIbC9QBhutuXIJBf9Fvdeox6v3C9O4jzV"
Archived-At: <https://mailarchive.ietf.org/arch/msg/smart/_7vxvXqe1gbNcoeAmV2vgEqeVLQ>
Subject: Re: [Smart] Draft Charter For SMART Proposed RG
X-BeenThere: smart@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Stopping Malware And Researching Threats <smart.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/smart>, <mailto:smart-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smart/>
List-Post: <mailto:smart@irtf.org>
List-Help: <mailto:smart-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/smart>, <mailto:smart-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Sep 2018 22:43:38 -0000
Hiya, On 28/09/18 23:21, Bret Jordan wrote: > I think the use of cyber security and cyber defense are well > understood in the market I'm not sure "the market" is the target readership in this case, if what we're after is as-stated. > and I am personally okay with their use. I'm against the use of ill-defined and widely-abused marketing terms for things like this where rigour is better. The IETF and IRTF were, I think, wise to not go along with (ab)uses of the "cloud" term despite people then claiming that'd be a good plan. And I think the same applies here. Anyway, I'd suggest avoiding contentious terms, (the set of cyberblah terms are I think contentious in this context) and trying to be precise even if that consumes more words. (Those are cheap enough I think:-) Cheers, S. > Given the target audience of a lot of these work products, the use of > cyber* will be more wildly accepted than some of the other terms that > will just be found to be confusing. > > > Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 > ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, > the only thing that can not be unscrambled is an egg." > >> On Sep 28, 2018, at 10:26 AM, David McGrew (mcgrew) >> <mcgrew@cisco.com> wrote: >> >> Hi Kathleen, >> >> Please see inline: >> >> From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com >> <mailto:kathleen.moriarty.ietf@gmail.com>> Date: Friday, September >> 28, 2018 at 12:04 PM To: mcgrew <mcgrew@cisco.com >> <mailto:mcgrew@cisco.com>> Cc: >> "Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org >> <mailto:Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>" >> <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org >> <mailto:Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>>, "smart@irtf.org >> <mailto:smart@irtf.org>" <smart@irtf.org <mailto:smart@irtf.org>> >> Subject: Re: [Smart] Draft Charter For SMART Proposed RG >> >>> Hi David, >>> >>> Thank you very much for the detailed feedback. I have limited >>> time at the moment, but was the one who helped remove the word >>> cyber from earlier versions of the charter in an effort to use >>> terms that are well understood. Do you have a suggestion that >>> improves from attack defense, but doesn't include cyber? >> >> >> Not off the top of my head, but I agree with the need to use well >> defined terms, because we hope to engage multiple communities. >> Perhaps we would be better off defining exactly what we mean. I >> had actually looked through RFC4949 for a reference, with no luck. >> >> >> Thanks >> >> David >> >> >>> Sorry for the top post on very helpful feedback (more on that >>> later from at least one of us). >>> >>> Glad to see you engaged in the conversation! >>> >>> Best regards, Kathleen >>> >>> >>> On Fri, Sep 28, 2018 at 11:49 AM David McGrew (mcgrew) >>> <mcgrew@cisco.com <mailto:mcgrew@cisco.com>> wrote: >>>> Hi Kirsty and others, >>>> >>>> Thanks for doing this; I very much like the idea of forming an >>>> RG that addresses these issues. An RG where protocol geeks can >>>> talk to the threat defense community would be goodness. >>>> >>>> Some detailed comments below. Please don’t misinterpret >>>> these comments as being negative on the idea of the RG; the >>>> intent is to refine the charter. >>>> >>>> I like Stephen’s suggestions of making it an explicit goal to >>>> preserve privacy, and citing BCPs. >>>> >>>> More inline: >>>> >>>>> >>>>> On Sep 26, 2018, at 9:36 AM, Kirsty P >>>>> <Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org >>>>> <mailto:Kirsty.p=40ncsc.gov.uk@dmarc.ietf.org>> wrote: >>>>> >>>>>> This is the draft charter for the Proposed Research Group: >>>>>> Stopping Malware and Researching Threats (SMART). Your >>>>>> thoughts and suggestions are very welcome - please post to >>>>>> the list with your comments! - and keep an eye out for a >>>>>> list of proposed research problems soon... >>>>>> >>>>>> >>>>>> # Stopping Malware and Researching Threats (SMART) Proposed >>>>>> RG - Draft Charter >>>>>> >>>>>> ## BACKGROUND >>>> >>>> The first paragraph below probably should precede the >>>> Background heading. I suggest adding a background that >>>> outlines cybersecurity issues like the cost of data breaches >>>> and the high time-to-detection. >>>>>> The Stopping Malware and Researching Threats Research Group >>>>>> (or SMART RG) will investigate how cyber attack defence >>>>>> requirements can be met in a world of encrypted data. >>>> >>>> I suggest moving the “world of encrypted data†out of the >>>> intro sentence, and relegating it to somewhere further down. >>>> It’s important, but not the only consideration, and we >>>> don’t want to give people the false impression that the RG is >>>> about backdoors in crypto or other ulterior motives. The >>>> following sentence would be a good opener. >>>>>> It will research the effects, both positive and negative, >>>>>> of existing, proposed and newly published protocols and >>>>>> Internet standards on attack defence. >>>> >>>> I suggest replacing “attack defense†with >>>> “cybersecurity†throughout, and defining cybersecurity as >>>> including the security of the information and the computers and >>>> communication systems. My thinking here is that we should >>>> emphasize that SMART is considering the security aspects beyond >>>> just the communication security of the protocols. It might be >>>> worth adding something about how endpoint system security is at >>>> least as important as protocol/communication security, as it >>>> doesn’t matter how wise one is about cryptography if the >>>> attacker can exfiltrate their keys. >>>> >>>> On “negative effectsâ€, what we are most concerned with are >>>> negative externalities in an economic sense, that is, >>>> unintended costs or harm that people who design, implement, >>>> deploy, and operate protocols on the internet can cause to >>>> others. It would be good to call this out in the charter. >>>> It is already best current practice to avoid negative >>>> externalities in the context of DoS attacks (RFC4732, say), and >>>> it would be healthy for the internet to have the RG consider >>>> externalities around other types of threats. For instance, the >>>> interaction between IP blacklisting and Tor, as presented by >>>> Singh et. al. at ANRW 18 >>>> (https://dl.acm.org/citation.cfm?id=3232786&dl=ACM&coll=DL >>>> <https://dl.acm.org/citation.cfm?id=3232786&dl=ACM&coll=DL>) >>>> deserves more discussion. >>>>>> It will gather evidence from information security >>>>>> practitioners on methods used to defend against attacks and >>>>>> make this available to protocol designers. As a result, >>>>>> designers, implementers and users of new protocols will be >>>>>> better informed about the possible impact on attack >>>>>> prevention and mitigation. >>>> >>>> I suggest using “protocol designers, implementers, and >>>> users†throughout, instead of focusing on protocol designers. >>>> Also, it might be good to think even more broadly here, because >>>> what network and server operators do (or don’t do) can have >>>> important effects (e.g. spoofing due to the lack of ingress >>>> filtering, and vulnerable servers used to launch attacks). >>>>>> >>>>>> >>>>>> The IRTF is in a unique position to provide this research >>>>>> and evidence to the IETF. >>>> >>>> It’s a good idea to focus on research and evidence, >>>> especially around malicious activity observed on the internet >>>> or network behaviors seen in malware sandboxes, honeypots, etc. >>>> >>>>>> This research group aims to describe the effect of protocol >>>>>> changes where relevant and stimulate methodical research >>>>>> into attack defence methods for new protocols. Protocols >>>>>> are already rigorously assessed for their security >>>>>> properties, but ensuring attack defence methods are also >>>>>> rigorously assessed alongside protocol design changes would >>>>>> provide a fuller understanding of the value for such >>>>>> change, enabling a better engineered Internet. >>>> >>>> Instead of “attack defence methods†in the above, I suggest >>>> something like “impact on cybersecurityâ€. >>>>>> >>>>>> >>>>>> >>>>>> ## AIMS This research group has these major aims: To bring >>>>>> evidence on attacks and the methods that are or could be >>>>>> used to defend against them to the attention of the IETF. >>>> >>>> More generally, I think we would like to see research on >>>> malicious network behavior. >>>>>> To highlight the attack mitigation impact, both positive >>>>>> and negative, of new protocols and updates to existing >>>>>> protocols. >>>> >>>> Instead of “new protocols†I suggest “protocol design, >>>> deployment, and operationâ€. >>>>>> To stimulate and generate research into attack defence >>>>>> methods for new protocols, and to increase awareness in the >>>>>> technical community of new and existing methodology for >>>>>> detecting and mitigating attacks. To provide systematic >>>>>> guidance to designers of new protocols as to what attack >>>>>> defence considerations to review, and to inform >>>>>> implementers by default about the effects of new protocols >>>>>> on attack defence. To produce problem statements that >>>>>> describe key issues in cyber security for the group to >>>>>> research (initial research project ideas are listed >>>>>> below). >>>> >>>> I suggest putting the problem statements bullet right after the >>>> first bullet, as the RG should be presenting research findings >>>> first, then creating problem statements, then proposing >>>> solutions. >>>> >>>> I think “systematic guidance to designers of new protocols†>>>> is an ambitious goal. It would be nice to have the goal >>>> written in a way that it would be easier to make progress >>>> against. It can be difficult for an RG to make timely >>>> progress, so from the point of view of the process and the IRTF >>>> chairs and the RG chairs, it would be nice to have some more >>>> modest or intermediary goals against which headway could be >>>> made. >>>> >>>> I would like to see a goal like “To stimulate and generate >>>> research on network protocols and practices that minimize >>>> impact on third parties†or something like that. >>>>>> >>>>>> ## OUTPUTS The research group plans to create documents >>>>>> that may include, but are not limited to, the following: >>>>>> Internet drafts, some of which may be published through >>>>>> the IRTF RFC stream. These will include outline problem >>>>>> statements, use cases, case studies and convey research >>>>>> results. They will be written for use by other groups to >>>>>> inform protocol design. >>>> >>>> A nit: we also want drafts whose intended audience are just the >>>> RG members. Also, I think it best to say “design, >>>> deployment, and useâ€. >>>>>> Policy papers, for in-depth analysis and discussion of the >>>>>> relationship between attack defence and the Internet >>>>>> architecture and protocols. Research papers, containing >>>>>> quantitative evidence of actual attacks and the success of >>>>>> defence methods against them, as well as theoretical and >>>>>> formal analyses of the implications of proposed protocols >>>>>> on attack defence. Defence methods will be analyzed to >>>>>> determine if there are ways to optimize in order to better >>>>>> scale attack detection and mitigation. Survey of current >>>>>> and historic IETF material to discover existing >>>>>> deliberations on attack defence. Best practice papers, >>>>>> describing methodologies that will enable researchers to >>>>>> conduct experiments and report results that are useful to >>>>>> designers of protocols. These methodologies will give >>>>>> descriptions of the effects of protocols on attack defence >>>>>> backed by evidence from real-world attacks, >>>>>> laboratory-based testing and theoretical analysis of >>>>>> protocols, through the analysis lens of attacks, detection >>>>>> methods and systematic assessment methodologies. >>>> >>>> It is not clear how the papers would relate to the drafts and >>>> the RFCs. It is probably best to say that the RG will invite >>>> presentations and discussions of research, policy, and survey >>>> papers published elsewhere. That would help to bring >>>> researchers and their results into the RG, while still allowing >>>> them to publish in peer-reviewed venues. >>>> >>>> I suggest having a goal like “Promoting communication between >>>> the IETF community and the cyber threat defense community, >>>> through discussions online and in regular meetingsâ€. >>>> >>>> >>>>>> Within the first year, the research group aims to: Survey >>>>>> existing attack detection methods and determine >>>>>> the relative effectiveness of these methods against >>>>>> different attack defence threats (e.g. phishing, DDoS, >>>>>> spambots, C&C, endpoint malware) Publish case studies of >>>>>> historical attacks and make recommendations where attacks >>>>>> could have been stopped more quickly, or even prevented >>>>>> Publish an Informational RFC, titled: "Important Attack >>>>>> Defence Considerations for Protocol Design and >>>>>> Deployment". >>>>>> >>>>>> ## MEMBERSHIP Membership is open to any interested parties >>>>>> who intend to remain current with the published documents >>>>>> and mailing list issues. Wide participation from industry, >>>>>> academia, government and non-profits is encouraged. >>>> >>>> This is really good, thanks again for taking the initiative >>>> with this. >>>> >>>> Best regards, >>>> >>>> David >>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> This information is exempt under the Freedom of Information >>>>>> Act 2000 (FOIA) and may be exempt under other UK >>>>>> information legislation. Refer any FOIA queries to >>>>>> ncscinfoleg@ncsc.gov.uk <mailto:ncscinfoleg@ncsc.gov.uk>-- >>>>>> Smart mailing list Smart@irtf.org <mailto:Smart@irtf.org> >>>>>> https://www.irtf.org/mailman/listinfo/smart >>>>>> <https://www.irtf.org/mailman/listinfo/smart> >>>> -- Smart mailing list Smart@irtf.org <mailto:Smart@irtf.org> >>>> https://www.irtf.org/mailman/listinfo/smart >>>> <https://www.irtf.org/mailman/listinfo/smart> >>> >>> >>> -- >>> >>> Best regards, Kathleen >> -- Smart mailing list Smart@irtf.org >> https://www.irtf.org/mailman/listinfo/smart > > > >
- [Smart] Draft Charter For SMART Proposed RG Kirsty P
- Re: [Smart] Draft Charter For SMART Proposed RG Stephen Farrell
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG Kirsty P
- Re: [Smart] Draft Charter For SMART Proposed RG Kirsty P
- Re: [Smart] Draft Charter For SMART Proposed RG Stephen Farrell
- Re: [Smart] Draft Charter For SMART Proposed RG Kathleen Moriarty
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG David McGrew (mcgrew)
- Re: [Smart] Draft Charter For SMART Proposed RG Kathleen Moriarty
- Re: [Smart] Draft Charter For SMART Proposed RG David McGrew (mcgrew)
- Re: [Smart] Draft Charter For SMART Proposed RG Kirsty P
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG Stephen Farrell
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG Suresh Ramasubramanian
- Re: [Smart] Draft Charter For SMART Proposed RG Stephen Farrell
- Re: [Smart] Draft Charter For SMART Proposed RG Kirsty P
- Re: [Smart] Draft Charter For SMART Proposed RG David McGrew (mcgrew)
- Re: [Smart] Draft Charter For SMART Proposed RG David McGrew (mcgrew)
- Re: [Smart] Draft Charter For SMART Proposed RG David McGrew (mcgrew)
- Re: [Smart] Draft Charter For SMART Proposed RG Bret Jordan
- Re: [Smart] Draft Charter For SMART Proposed RG Arnaud.Taddei.IETF