IETF Logo Mail Archive

Re: [Trans] Threat model outline, attack model

David Leon Gil <coruus@gmail.com> Wed, 01 October 2014 14:54 UTC

Return-Path: <coruus@gmail.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C7531A1A05 for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 07:54:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4F3uGQfkwDmT for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 07:54:32 -0700 (PDT)
Received: from mail-la0-x22c.google.com (mail-la0-x22c.google.com [IPv6:2a00:1450:4010:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 325B91ACE1E for <trans@ietf.org>; Wed, 1 Oct 2014 07:54:31 -0700 (PDT)
Received: by mail-la0-f44.google.com with SMTP id gb8so526802lab.17 for <trans@ietf.org>; Wed, 01 Oct 2014 07:54:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=FzG8FtPRalVDgnhtY+mSusaHfXhCkirFtvnZULih9Z4=; b=S37SWJZBjNLcUOCu3TerpuL15EqYd6mBu7/OHpiRczJgCwlfoYZcfp8a5F6ESmj1FH 5DWedz40VdxjklY/PXIYgw0Nj+4D/PJWGSP0xPS93mxtW+VJuW/TEYWqEW4YEFuev5+o XnnzcyxJtJdg7/5JFZvCdD9N1kUP3AbUOkYuNCxTj3EVwQGY84OUsbLG9LGW8yA52duT 3J0OG/mZDMGMW1YVIGSkRQDf8PYug/6JM1PE0MOCncyvQqBjmnlWG60te9pgQZXhk47x reJZZiBc0Vybt+g0xJUG0lCaB2GTWdkGIyBVRaQNHqtHmz1tIduw8XWkpkf+E/nW82Qv OiqA==
X-Received: by 10.112.78.38 with SMTP id y6mr18831185lbw.94.1412175269425; Wed, 01 Oct 2014 07:54:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.218.145 with HTTP; Wed, 1 Oct 2014 07:54:09 -0700 (PDT)
In-Reply-To: <542C1063.50404@bbn.com>
References: <5411E511.1040605@bbn.com> <CABrd9STmog8-JZCg9Tfv_ToUswY=9LBcZAPQM2cqUVcO0dhAnQ@mail.gmail.com> <54173589.3000404@bbn.com> <CABrd9SRShqm1r-2ajbqD5w1s686ciyjcEvywsXZaapgmi57NsA@mail.gmail.com> <54242F8A.2080602@bbn.com> <CABrd9SSwAdv-mAgofNT6bMWky7q=bZhAaX=L4gZUQDkROQ-3ZA@mail.gmail.com> <54258AF0.7090602@bbn.com> <CABrd9SQNXHdJQCC3JQJirqdkg_ub0oXCkxPqit9H6LjUPqNioA@mail.gmail.com> <54297249.1090409@bbn.com> <CABrd9ST59Yd3GDjxMiX9jMg68_BRd2_v0Mpo8u_oW1zM1VWjjA@mail.gmail.com> <542C1063.50404@bbn.com>
From: David Leon Gil <coruus@gmail.com>
Date: Wed, 01 Oct 2014 10:54:09 -0400
Message-ID: <CAA7UWsW06qYWfO_CDGEvhR2OJbiodrJ96qPuz=6-DnK4XNdR7g@mail.gmail.com>
To: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/a9h3jwvRbXEvMJFqWDWnJUVDHwc
Cc: "trans@ietf.org" <trans@ietf.org>, Ben Laurie <benl@google.com>
Subject: Re: [Trans] Threat model outline, attack model
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Oct 2014 14:54:34 -0000

On Wed, Oct 1, 2014 at 10:32 AM, Stephen Kent <kent@bbn.com> wrote:
> If a "broader scope" means using more ambiguous terms, I can't see why that would be an improvement.
> It has the flavor of "CT is obviously good, so let's just do it."

Okay. You've convinced me.

So: I've disabled syslog on all my servers. I can't define a-priori
what security issues logging might detect. Thus there's no point in
logging anything.

v2.23.0 | Report a Bug | By Email