Re: [Strint-attendees] Fwd: New Version Notification for draft-iab-strint-report-00.txt

"Moriarty, Kathleen" <kathleen.moriarty@emc.com> Fri, 02 May 2014 10:30 UTC

Return-Path: <kathleen.moriarty@emc.com>
X-Original-To: strint-attendees@lists.i1b.org
Received: from mailuogwhop.emc.com (mailuogwhop.emc.com [168.159.213.141]) by diego.dreamhost.com (Postfix) with ESMTP id EE01C48282 for <strint-attendees@lists.i1b.org>; Fri, 2 May 2014 03:30:38 -0700 (PDT)
Received: from maildlpprd06.lss.emc.com (maildlpprd06.lss.emc.com [10.253.24.38]) by mailuogwprd01.lss.emc.com (Sentrion-MTA-4.3.0/Sentrion-MTA-4.3.0) with ESMTP id s42AUVpq020288 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 May 2014 06:30:31 -0400
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd01.lss.emc.com s42AUVpq020288
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1399026631; bh=5WDHXyQ3hCLhY/Fs17nJ2lth0Hs=; h=From:To:CC:Date:Subject:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version; b=jf44V2WKZGrkTWfXXtoakjWVYtXnOomgO5BsaK0Oyiwfy/88LIu+fSQ23kSx951GI E8tG63zsppgdqEjPm5X5mlqiwqnFY/stlTXFBWFtTdBVCHwUGdJ5nAfyMm9p0Ws1hn X/WBJxDlRxfrMjCrVAC3xvsLyUlGbmKu1eZU06+0=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd01.lss.emc.com s42AUVpq020288
Received: from mailusrhubprd03.lss.emc.com (mailusrhubprd03.lss.emc.com [10.253.24.21]) by maildlpprd06.lss.emc.com (RSA Interceptor); Fri, 2 May 2014 03:30:18 -0700
Received: from mxhub11.corp.emc.com (mxhub11.corp.emc.com [10.254.92.106]) by mailusrhubprd03.lss.emc.com (Sentrion-MTA-4.3.0/Sentrion-MTA-4.3.0) with ESMTP id s42AUHAO005080 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 2 May 2014 06:30:17 -0400
Received: from mx15a.corp.emc.com ([169.254.1.64]) by mxhub11.corp.emc.com ([10.254.92.106]) with mapi; Fri, 2 May 2014 06:30:17 -0400
From: "Moriarty, Kathleen" <kathleen.moriarty@emc.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 2 May 2014 06:30:15 -0400
Thread-Topic: [Strint-attendees] Fwd: New Version Notification for draft-iab-strint-report-00.txt
Thread-Index: Ac9l8YLaOVTv3rR7SteCR/d4o2rErQ==
Message-ID: <891A8473-3E11-4B45-9D8B-F9BB27DE1A1E@emc.com>
References: <20140428175956.24742.58926.idtracker@ietfa.amsl.com> <535E9949.7050204@cs.tcd.ie> <535F735D.9060809@cs.tcd.ie> <53633126.90703@fifthhorseman.net>
In-Reply-To: <53633126.90703@fifthhorseman.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd03.lss.emc.com
Cc: "strint-attendees@lists.i1b.org" <strint-attendees@lists.i1b.org>
Subject: Re: [Strint-attendees] Fwd: New Version Notification for draft-iab-strint-report-00.txt
X-BeenThere: strint-attendees@lists.i1b.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: STRINT Workshop Discussion List <strint-attendees-i1b.org>
List-Unsubscribe: <http://lists.i1b.org/options.cgi/strint-attendees-i1b.org>, <mailto:strint-attendees-request@lists.i1b.org?subject=unsubscribe>
List-Archive: <http://lists.i1b.org/pipermail/strint-attendees-i1b.org>
List-Post: <mailto:strint-attendees@lists.i1b.org>
List-Help: <mailto:strint-attendees-request@lists.i1b.org?subject=help>
List-Subscribe: <http://lists.i1b.org/listinfo.cgi/strint-attendees-i1b.org>, <mailto:strint-attendees-request@lists.i1b.org?subject=subscribe>
X-List-Received-Date: Fri, 02 May 2014 10:30:39 -0000

Thanks for the write up, Stephen & team!

I don't think we covered more recent revelations concerning attacks on administrators to gain access to network equipment.  There may be an RFC already on hardening/security measures, so we may or may not need one.

I'm wondering if 10 could be expanded (or a note added to it that this was released subsequent to the workshop, but is important to capture) to highlight this as a threat vector for pervasive monitoring (iterative compromises leading to access of service provider network equipment to gather data).

Section 5.2 hits on this point (similar enough), but for repositories and not network equipment that could also be used to gather session data, metadata, or logs.

Not sure if it is appropriate or possible to add that in, but thought it was worth raising it.

Thanks,
Kathleen 

Sent from my iPhone

> On May 2, 2014, at 1:46 AM, "Daniel Kahn Gillmor" <dkg@fifthhorseman.net>; wrote:
> 
>> On 04/29/2014 05:39 AM, Stephen Farrell wrote:
>> 
>> Sorry the link to the draft below was broken, it should
>> be:
>> 
>> [1] https://tools.ietf.org/html/draft-iab-strint-report
> 
> Thanks for doing this writeup, Stephen.  I've only done a brief skim of
> the first half.  I also note you've committed what appear to be
> generated files to the https://github.com/sftcd/strint-report repo in
> addition to the source files.  I think (based on the Makefile) that you
> want edits  to the .xml file, and not the others.
> 
> I recommend removing every generated file from the git repository to
> make the workflow clearer to people who plan to send changes via github.
> 
> I've just pushed a couple minor clarifications and edits to:
> 
> https://github.com/sftcd/strint-report/pull/2
> 
> hth,
> 
>    --dkg
> 
> <signature.asc>
> _______________________________________________
> Strint-attendees mailing list
> Strint-attendees@lists.i1b.org
> http://lists.i1b.org/listinfo.cgi/strint-attendees-i1b.org