
RE: what is a threat analysis?

2005-08-16 08:46:43
No, Jeff. Most threat analyses with which I am familiar are in regard
to a specific deployment or technology within explicit boundaries (i.e.,
a predefined context). Even so, I would never characterize my own work
as addressing "all possible threats" in that context, because new
exploits are continually being devised. 

One can identify classes of threats and establish controls to address
the more worrisome ones within the constraints of one's schedule, budget,
personnel, and available technology. Threat analysis provides management
with additional information to assist them to make hard choices
regarding feature definition and allocation of resources. 

However, in the IETF context, I imagine that its principal function
would be to identify security issues that protocol design may (or may
not) seek to mitigate. If it is known during design that the protocol is
inherently vulnerable to certain classes of exploits, then perhaps that
protocol could be designed with hooks to leverage another technology
that addresses those exploits.

--Eric

From: JFC (Jefsey) Morfin [mailto:jefsey(_at_)jefsey(_dot_)com] 
Therefore, I fear that either the security community will become even more
overworked or else a whole lot of not-very-helpful text will be produced
or else non-security people will become de facto security people. I'm
hoping for the third result, but I fear the first two.

Are your threat analyses covering all the possible threats on the
equipment as well as on the installations, processes, services,
communities, persons, cultures, etc. behind them?
Thank you



_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf


