No, Jeff. Most threat analysis with which I am familiar are in regards to a specific deployment or technology within explicit boundaries (i.e., a predefined context). Even so, I would never characterize my own work as addressing "all possible threats" in that context, because new exploits are continually being devised. One can identify classes of threats and establish controls to address the more worrisome ones within the constraints of ones schedule, budget, personnel, and available technology. Threat analysis provides management with additional information to assist them to make hard choices regarding feature definition and allocation of resources. However, in the IETF context, I imagine that its principal function would be to identify security issues that protocol design may (or may not) seek to mitigate. If it is known during design that the protocol is inherently vulnerable to certain classes of exploits, then perhaps that protocol could be designed with hooks to leverage another technology that addresses those exploits. --Eric From: JFC (Jefsey) Morfin [mailto:jefsey@xxxxxxxxxx] >>Therefore, I fear that either the security community will become even >>more >>overworked or else a whole lot of not-very-helpful text will be produced >>or else non-security people will become de facto security people. I'm >>hoping for the third result, but I fear the first two. >Are your threat analysis covering all the possible threads on the >equipement as well as on the installations, processes, services, >communities, persons, cultures, etc. behind them? >thank you _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf