slightly more topic drift w/respect to potential/possible threat models ...
i have put quite a bit of work into security taxonomy as part of the merged securitity glossary and taxonomy
http://www.garlic.com/~lynn/index.html#glosnote
i've relatively recently taken a pass at the cve database ... http://cve.mitre.org/cve/index.html http://www.osvdb.org/
but what I found was very little structure. i have done word frequency analysis on the descriptions ... but even that isn't really conclusive (since effectvely random people are generating quite random word descriptions). I was hoping to find more structure for expanding taxonomy for threat models, vulnerabilities, and exploits.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]