+++ to secure your transactions use the Bitcoin Mixer Service +++

 

We need Your Support. Make a Donation now! or Buy Me A Coffee

Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF

From: Jerome Athias <jerome.athias () free fr>
Date: Wed, 07 Jan 2009 23:21:08 +0100
Hi,

I still not have read all your paper, but my first word is congratulations!
That's an hard job.

Since a quick search didn't give a result for it, and maybe others could
be interested:
The AVISPA (Automated Validation of Internet Security Protocols and
Applications) project aims at developing a push-button,
industrial-strength technology for the analysis of large-scale Internet
security-sensitive protocols and applications.

This website contains all relevant information about AVISPA for project
members, interested third parties and scientists worldwide.
http://www.avispa-project.org/

My 2 cents for now
/JA

Fernando Gont a écrit :

Folks,

In August 2008 the UK CPNI (United Kingdom's Centre for the Protection of
National Infrastructure) published the document "Security Assessment
of the
Internet Protocol". The motivation of the aforementioned document is
explained in the Preface of the document itself. (The paper is available
at: http://www.cpni.gov.uk/Docs/InternetProtocol.pdf )

Once the paper was published by CPNI, I produced an IETF Internet-Draft
version of the same paper, with the intent of having the IETF publish
recommendations and/or update the specifications where necessary. This
IETF
Internet-Draft is available at:
http://www.gont.com.ar/drafts/ip-security/index.html (and of course it's
also available at the IETF I-D repository).

The Internet-Draft I published was aimed at the OPSEC WG. And the Working
Group is right now deciding whether to accept this document as a WG item.
This is certainly a critical step. Having the OPSEC WG accept this
document
as a WG item would guarantee to some extent that the IETF will do
something
about all this, and would also somehow set a precedent in updating the
specifications of core protocols and/or providing advice on security
aspects of them.

The call for consensus is available at:
http://www.ietf.org/mail-archive/web/opsec/current/msg00373.html . You can
voice your opinion on the relevant mailing-list sending an e-mail to
opsec () ietf org . You don't need to subscribe to the mailing list to post a
message (although your message will be held for moderator approval before
it is distributed to the list members).

The deadline for posting your opinion is January 9th (next Friday).

Thanks so much!

Kind regards,
Fernando Gont






-- 
Fernando Gont
e-mail: fernando () gont com ar || fgont () acm org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
Previous By Date Next
Previous By Thread Next

Current thread:

We need Your Support. Make a Donation now! or