Hi Michael, One additional issue for outside attackers is to mention that a specific attack surface is anywhere that an autonomic entity interacts with a non-autonomic entity, which is by definition outside the ANI security barrier. Unlike the second bullet in 9.2 "Risk of Insider Attacks", this is fairly specific to autonomic components.
Regards Brian On 12/10/2017 22:23, Michael H. Behringer wrote: > As mentioned before, the Security Considerations section needed work. I > have now restructured and to a large extent re-written that section. > > The main focus is on the fact that while AN is auto-protecting, in the > case of a vulnerability, protocol design error, operational error, the > attack surface is huge. > > All, especially co-authors: Please read the new section and comment! > > Right now only on github: > https://github.com/mbehring/ANIMA-Reference-Model/blob/master/draft-ietf-anima-reference-model.txt > > Other than that: > - on sections 7.6 and 7.7 I'm waiting for feedback from John. > - otherwise, to my knowledge, all other input received has been taken > into account. > > Once 7.6, 7.7 and the security considerations are stable, I'll push a > new version. Co-authors: Comment now! :-) > > Michael > > _______________________________________________ > Anima mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/anima > _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
