On Nov 20, 2013, at 3:31 PM, Fred Baker <[email protected]> wrote: > I just read your ID. > > I think the sense of the ID is pretty much correct. You half-define two > words, "attack" and "mitigate", in saying something about what they are not > (an attack, you say, has a "bad-actor", but implies nothing about the > motivations of the attacker, and a "mitigation" doesn't make the attack go > away, it merely makes it more expensive). I think you would do well to > actually define the terms. > > BTW, I think "bad actor" is a bad choice of words if you want to remove value > judgements and motivations from the discussion. I'd suggest a more neutral > term. > > My definitions probably need work, but I think I'm looking for something like: > > > Glossary: > > "Attack": In common English usage, an "attack" is an aggressive action > perpetrated by an opponent, intended to enforce the opponent's will on the > attacked party. In the Internet, the term is used to refer to a behavior that > subverts the intent of a communicator without the knowledge of the parties to > the communication. It may be active or passive. It may change the content of > the communication, record the content of the communication, or through > correlation with other communication events or attempts, reveal information > the communicator did not intend to be revealed. It may also prevent > communication or delay a time-sensitive communication more than its > sensitivity permits.
It may force the communicator to spend money to mitigate attacks rather than pursue his personal or business interest. > It may also have other effects that similarly subvert the intent of a > communicator. > > "Mitigation": As in common english usage, the term is used in the Internet in > the sense of "make less severe, serious, or painful." > (http://www.oxforddictionaries.com/us/definition/american_english/mitigate). > Colloquially, the term is also used in the sense of making something of no > effect, but this usage is not implied in the Internet context. If a person is > cold, common english usage would consider the act of putting on a coat or the > act of entering a warm building as mitigations. While the latter (making the > matter of no effect) is desirable, for many purposes the former is > cost-effective and sufficient for the purpose. > > > > You might also walk through the document looking for run-on sentences and > verbal lists. Search for the word "and", and ask yourself in each usage > whether it could be usefully replaced with a period followed by the start of > a new sentence. Search also for the word "or"; a list is "A, B, or C", not "A > or B or C". In general, try to use simple sentences in active voice ("A does > B to C"), as opposed to more complex sentences or passive voice ("B is done > to C by A").
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
