[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt

To: "v6ops@ops.ietf.org" <v6ops@ops.ietf.org>
Subject: Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
From: JORDI PALET MARTINEZ <jordi.palet@consulintel.es>
Date: Thu, 14 Jul 2005 09:43:21 +0200
In-reply-to: <16296.194.7.124.120.1121326308.squirrel@webmail.nac.net>
Reply-to: jordi.palet@consulintel.es
User-agent: Microsoft-Entourage/11.1.0.040913

Hi Richard,

Yes totally agree with you ... Attacker seems to fit much better ;-)

Regards,
Jordi




> De: <rfgraveman@nac.net>
> Responder a: <owner-v6ops@ops.ietf.org>
> Fecha: Thu, 14 Jul 2005 03:31:48 -0400 (EDT)
> Para: <jordi.palet@consulintel.es>
> CC: "v6ops@ops.ietf.org" <v6ops@ops.ietf.org>
> Asunto: Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
> 
> Hi Jordi,
> 
>> 3 ... It may be better to use instead of adversary "malicious user" or
>> something else ? I mean adversary may seem as "business competitor" or
>> have
>> other connotations, which I guess are not the intended ones ?
> 
> The best definition of security I have seen in this context is due to Oded
> Goldreich, who says, roughly, that, "Security is about making protocols
> robust against anyone who tries to make them deviate from their intended
> behavior."
> 
> "Malicious," to me, means bad or evil, which involves a value judgment. It
> could be that the one running the protocol is bad, and the one disrupting
> the protocol is good, or there may be legitimate difference of opinion
> about which party is good or bad.
> 
> "Malicious" also has an unfortunate connotation in some security
> literature, whereby a "passive adversary" only observes the protocol and a
> "malicious adversary" actively disrupts it. I dislike this usage, but it
> nevertheless exists.
> 
> So IMHO, "malicious" has more connotative baggage than "adversary." If you
> don't like "adversary," then maybe "attacker?"
> 
> Regards, Richard
> 
> 




************************************
The IPv6 Portal: http://www.ipv6tf.org

Barcelona 2005 Global IPv6 Summit
Information available at:
http://www.ipv6-es.com

This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.

References:
- Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
  - From: rfgraveman@nac.net

Prev by Date: Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
Next by Date: Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
Previous by thread: Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
Next by thread: Re: I-D ACTION:draft-yamamoto-v6tc-security-considerations-00.txt
Index(es):
- Date
- Thread