Re: draft-jones-opsec-framework-01 comments
On Tue, 9 Nov 2004 15:34:01 +0200 (EET), Pekka Savola <pekkas@netcore.fi> wrote:
>
> I think there has been significant for attack classifications. Maybe
> this could be reused instead of reinventing the wheel?
Yes. I believe Merike started with 3552 for just that reason.
If you've got sources/classifications you like (e.g. for "on path"
vs. "off path", "active" vs. "replay/insertion", etc.), please forward
references. We are definitely *not* interested in developing
a complete theoretical threat model from scratch here.
Having the threat model in the framework is intended to be descriptive,
to provide a place to hang/classify the various threats cited in the
operations survey and capabilities documents. It is not intended
to drive what goes in the other documents.
The whole point of the operations survey document is to classify what
operators are doing today in response to threats that they perceive.
Operators use SSH for remote inband CLI access (current practice)
because there is a real chance that their CLI sessions (passwords, etc.)
may be intercepted (perceived threat).
In this case, the perceived operator threats are the horse and the
threat model is the cart. You're free to argue with that arrangement :-)
---George