Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's parad

ietf-dkim

Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change

2007-12-06 23:56:51


On Dec 6, 2007, at 10:36 PM, Scott Kitterman wrote:

On Friday 07 December 2007 00:46, Steve Atkins wrote:

The first step would be a group consensus on what the threats
are ("what SSP is supposed to be for"), or at least a superset of
what most people think.

Anyone? Bueller?

I, for one, feel like we did this in great depth during and before the

requirements development. My suggestion would be to look to thework we've

already done and refresh your memory on the established consenses.


I recall two suggestions from there. Neither were considered in any
depth.

1. Domain forgery. That's not a "threat". It's an intermediate step,at most.


2. Phishing.

So that's.... one.

Got any others?

Cheers,
  Steve

_______________________________________________

NOTE WELL: This list operates according tohttp://mipassoc.org/dkim/ietf-list-rules.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [ietf-dkim] Tracing SSP's paradigm change, (continued) Re: [ietf-dkim] Tracing SSP's paradigm change, Scott Kitterman Re: [ietf-dkim] Tracing SSP's paradigm change, Steve Atkins Re: [ietf-dkim] Tracing SSP's paradigm change, Scott Kitterman RE: [ietf-dkim] Tracing SSP's paradigm change, Patrick Peterson Re: [ietf-dkim] Tracing SSP's paradigm change, Hector Santos Re: [ietf-dkim] Tracing SSP's paradigm change, Steve Atkins Re: [ietf-dkim] Tracing SSP's paradigm change, Hector Santos threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, J D Falk Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Steve Atkins Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Scott Kitterman Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Steve Atkins <= Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Dave Crocker RE: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP'sparadigm change, J D Falk Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP'sparadigm change, Steve Atkins RE: threat modeling & use cases (was RE: [ietf-dkim] TracingSSP'sparadigm change, J D Falk Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP'sparadigm change, Jim Fenton Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP'sparadigm change, Dave Crocker Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Hector Santos Re: [ietf-dkim] Tracing SSP's paradigm change, Wietse Venema Re: [ietf-dkim] Tracing SSP's paradigm change, Michael Thomas Re: [ietf-dkim] Tracing SSP's paradigm change, Steve Atkins

Previous by Date:	Re: [ietf-dkim] A perspective on what SSP is attempting, Hector Santos
Next by Date:	Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Dave Crocker
Previous by Thread:	Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Scott Kitterman
Next by Thread:	Re: threat modeling & use cases (was RE: [ietf-dkim] Tracing SSP's paradigm change, Dave Crocker
Indexes:	[Date] [Thread] [Top] [All Lists]