Re: [Trans] Threat model outline, attack model

Stephen Kent <kent@bbn.com> Mon, 29 September 2014 19:16 UTC

Return-Path: <kent@bbn.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CBFF1A88B8 for <trans@ietfa.amsl.com>; Mon, 29 Sep 2014 12:16:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.966
X-Spam-Level:
X-Spam-Status: No, score=-3.966 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MISSING_HEADERS=1.021, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.786, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mP_WMVgTT6fB for <trans@ietfa.amsl.com>; Mon, 29 Sep 2014 12:16:17 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A6311A9248 for <trans@ietf.org>; Mon, 29 Sep 2014 12:16:17 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:33149 helo=comsec.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1XYgQi-0007FZ-FA for trans@ietf.org; Mon, 29 Sep 2014 15:16:16 -0400
Message-ID: <5429AFFF.303@bbn.com>
Date: Mon, 29 Sep 2014 15:16:15 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
CC: trans@ietf.org
References: <5411E511.1040605@bbn.com> <CABrd9STmog8-JZCg9Tfv_ToUswY=9LBcZAPQM2cqUVcO0dhAnQ@mail.gmail.com> <54173589.3000404@bbn.com> <CABrd9SRShqm1r-2ajbqD5w1s686ciyjcEvywsXZaapgmi57NsA@mail.gmail.com> <54242F8A.2080602@bbn.com> <CABrd9SSwAdv-mAgofNT6bMWky7q=bZhAaX=L4gZUQDkROQ-3ZA@mail.gmail.com> <54258AF0.7090602@bbn.com> <84DBAB20-0B94-49AA-8C0A-2521B3B6F90E@kinostudios.com>
In-Reply-To: <84DBAB20-0B94-49AA-8C0A-2521B3B6F90E@kinostudios.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/JShB7zItAgu2Azu3O9VVl21DZoo
Subject: Re: [Trans] Threat model outline, attack model
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Sep 2014 19:16:19 -0000

Greg,

I'm impressed by your web site graphics.

Unfortunately, for RFCs, we have to stick with ASCII art, which is 
painful and
only black and white.  So, although I agree that diagrams are very helpful
when trying to understand the CT context, I won't be able to incorporate 
them
into my text.

I have not visited the Google CT web site because I focus on what we do 
in IETF
WGs, and for that only material published in that context counts. In 
fact, I have
complained about referring to the CT web site to gain a better understanding
of what 6962-bis is supposed to mean; discussion and explanations of CT 
need to
be part of the IETF archival data, not on an independent web site. But, 
that's another
issue.

I'm continuing to revise the attack analysis, based on my analysis of the
CABF guidelines, more thought, and helpful feedback from folks like Rick 
and Santosh.
I'll post an updated version of the attack analysis later this week,

Steve