Ben,
On 17 February 2015 at 19:04, Karen Seo<[email protected]> wrote:
Folks,
Sorry if my message implied that I thought the text was in its final form. I
agree that there is not yet consensus on the text/topic and that further
work is needed. However, if the working group agrees that the threat
analysis should be added to 6962, then I believe it would be more expedient
if the text were incorporated into 6962-bis sooner rather than later.
Anyone who reviews 6962-bis will then likely review this text, increasing
the number of eyes on it. And having the threat analysis in the draft will
hopefully facilitate its use in ensuring that the document is
consistent/correct/complete. Perhaps we could incorporate the next revision
of the text with any remaining unresolved comments placed in the issue
tracker? What do folks think?
I would happily use it as a starting point for text in 6962-bis, but I
would feel compelled to remove text that attempts to force issues
which the WG has already decided to defer to later documents (such as
the definition of a gossip protocol), or has decided it does not have
jurisdiction over (such as client behaviour)
The WG can elect to move a discussion of client behavior and gossip
protocols into separate docs. That's a good approach to keeping
each do a reasonable size. But, a security analysis of CT needs to
provide a taxonomy of attacks, explore the implications of failures
or compromises of different system elements, and describe residual
vulnerabilities based on what is and is not mandated by the specs.
Thus, by deferring specs for other elements of the system, the analysis
will, of necessity, identify more residual vulnerabilities.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
