Re: what is a threat analysis?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Having a "threat analysis" was brought up at the plenary by Steve
Bellovin as being a Good Thing(tm). At the MASS/DKIM BOF we are
being required to produce such a thing as a prerequisite to even
getting chartered as a working group. The problem that I have (and
Dave Crocker at the plenary) is that there doesn't seem to be
any definition of what a "threat analysis" is.

As I posted on the DKIM mailing list on Monday <http://mipassoc.org/pipermail/ietf-dkim/2005q3/000033.html> our AD, Russ Housely has provided us with a rather straight-forward, 3-question template for discussing DKIM's threat analysis:

  * Who are the bad actors?
  * Where do they fit into the protocol environment (eg, middle of net)?
  * What are we trying to prevent them from doing?

I think Russ' list is quite reasonable and he has been clear as to the reason he views the development of the threat analysis (TA) as a pre-requisite. Further, given the history both of previous anti-spam standards efforts and previous IETF security efforts, I am hard-pressed to disagree with him. It's a pain in the ass to have to develop this stuff prior to chartering, but the project manager in me knows it will be Very Good Thing for ensuring coherence and focus of the effort.

(In fact my own real concern about the TA requirement is noting how little followup there has been on the DKIM list, since my original posting there, 48 hours ago. Some folks are having great fun, there, debating other details about DKIM concepts and DKIM documentation, but there has been essentially no followup on threat analysis.)

At any rate, my point at the plenary was a concern that the Security community, itself, does not yet appear to have adequate consensus description of, and requirements for, TA to give the rest of us consistent guidance. From what I have seen over the years, the requirement for doing a TA up-front, in the IETF, is recent. So it is not surprising that the method of doing it is unfamiliar to the rest of us.


So, if this is going to be yet another hoop that the IESG and IAB
sends working groups through like problem statements, requirements
documents and the like, I think it ought to be incumbent on

No question about it. Recruiting a larger community to support an effort certainly involves tasks that aren't fun. Especially since it should be so obvious why the effort is wonderful...

In any event, Russ has been clear and consistent. Although general discussion about threat analysis shows community variations, the DKIM effort has not (yet) been given inconsistent guidance (that I am aware of.)

d/

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]