On Thu, 4 Aug 2005, Arvel Hathcock wrote:
ACTION: The homework assignment for attendees is to
bring assignments are to formulate concise suggestions
for threat statements and benefits statements.
I'm still a little fuzzy on what "threat analysis" means (sorry, I'm a
newb). It seemed to be two things - (a) what is the precise security
problem DKIM is attempting to address
The above is what people at IETF are requesting, i.e. what are the threats
that DKIM is a solution for.
and (b) what are all the attack vectors and vulnerabilities associated
with DKIM.
That would be threats to protocol itself. As far as IETF, this is supposed
to go into security considerations section of the protocol draft (unlike
threat analysis which is supposed to be separate document or often part
of the "requirements" document - back in September/October if you remember
I said such document is going to be needed for MASS)
Another meaning sometimes associated with threat analysis is what are the
threats to other protocols that would arise out of using the protocol.
As far as DKIM the appropriate would be to do analysis of threats to DNS
associated with proposed putting of public keys into DNS. I believe this
is significant enough that DKIM as it is right now should not be modified
to either use other means for key retrieval or use other means to do
authorization using dns.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net