HI Paul, On 2/9/12 3:32 PM, "ext Paul Lambert" <[email protected]> wrote:
> >>The list in the current threat models text that I proposed is by no >>means >>exhaustiveĊ Or intended to be. The intent is to derive a key set of >>security requirements for the protocol. The focus is on those threats >>that >>are relevant to the device-2-database protocol rather than to the much >>more expansive topic of white space technology. > >Yes, but ... > >Without determining if there are technical mitigation mechanisms we >should not be rejecting threats. The threats should all be examined and >we should explicitly determine what is in scope versus unilaterally as >part of the editing process. No doubt. I don't think there is any unilateral proposal here. I am happy to incorporate all relevant threats through the consensus process and discussion on the mailing list. The threat model has evolved from Rev 1 to Rev 4 as a result of feedback from you and others. > >As an interesting example - if there is a natural disaster, should there >be protocol mechanisms to enable use of emergency services without direct >Internet connectivity to the DB? Would you consider this as a threat or a feature that the protocol needs to be concerned with regarding reachability of the database? > >Loss of service (emergency and normal) usage of WS is a threat that >should be listed and may or may not be addressed by technical or >procedural mechanisms. If you can elaborate or (preferably) provide the text describing the threat and consequences, I would be happy to include it. -Raj > >Paul _______________________________________________ paws mailing list [email protected] https://www.ietf.org/mailman/listinfo/paws
