fear and loathing at the ietf fear and loathing at the
play

Fear and Loathing at the IETF Fear and Loathing at the IETF (Ten - PowerPoint PPT Presentation

Jul 02, 2023 •268 likes •374 views

Fear and Loathing at the IETF Fear and Loathing at the IETF (Ten Years with No Pay) (Ten Years with No Pay) Note: Note: NEVER joke about your presentation title with the Panel Chairperson!! NEVER joke about your presentation title with the

  1. Fear and Loathing at the IETF Fear and Loathing at the IETF (Ten Years with No Pay) (Ten Years with No Pay) Note: Note: NEVER joke about your presentation title with the Panel Chairperson!! NEVER joke about your presentation title with the Panel Chairper son!! My apologies to HST My apologies to HST Sepucha_Date_01

  2. IETF Security Standards IETF Security Standards Challenges and Opportunities Challenges and Opportunities Hugh Harney SPARTA, Inc. 7075 Samuel Morse Dr. Columbia, MD, 21046 410-872-1515 x203 Sepucha_Date_02

  3. Agenda Agenda • Are the ground rules changing? – Are we forgetting end to end? – Are we passing adequate policy information? – Are the mechanism flexible enough? Sepucha_Date_03

  4. Are we forgetting end to end system design? Are we forgetting end to end system design? Store and forward systems need • system level mechanisms. – Service desired is secure end to SECURE end. Server – Communications push us to store and forward solutions. Router – Pairwise connections to servers are not end to end secure. ? Peer Router ? Router Peer » Source authentication » Data integrity Router Peer Router Peer » Does the data source really know the access control Router rules? Peer END-TO-END ARGUMENTS IN SYSTEM DESIGN J.H. Saltzer, D.P. Reed and D.D. Clark* Sepucha_Date_04

  5. Adequate policy information? Adequate policy information? • Mobility makes it difficult to have static policy for a single identity – Policy changes based on location – Policy changes based on environment • Large efforts are adding policy negotiation capabilities to IKE for network layer SA s Sepucha_Date_05

  6. Adequate policy information? Adequate policy information? Policy is commonly assumed to flow from a trusted authority • In truth, policy is composed of many local policy authorities • with conditional dominance – This is true for security access control / authorization policy, and for information flow policy. » E.g., an ISP in two different countries have different supported mechanisms. – The Data policy may need to transcend the local policies to find adequate protection services. » E.g., Country X may require an algorithm set that does not meet the protection requirements, the security policy would have to interact with the routing policy to ensure protection. Standards are needed to expand the definition of policy • negotiation. – Coalitions between countries and industry are prime examples. Sepucha_Date_06

  7. Adequate policy information? Adequate policy information? Dominance based policy is being expanded. • – Policy decisions based on a composed policy. » Multiple policy authorities. » Conditional rules based on location and environment. » Turning complete languages? – Lattice based policies are more adaptable to event based information policies. These efforts need additional policy payloads to exchange system • level information. – There is working code and working systems – Need this type of work to filter into the IETF We really can’t keep the one Certificate Authority model for policy • anymore. – Security policies need to be written with a mind toward multiple authorities and mechanisms. Sepucha_Date_07

  8. Are the mechanism flexible enough? Are the mechanism flexible enough? Flexible mechanisms allow us to create standards that stand the • test of time. – Can the standard provide algorithm flexibility? – Does the standard provide hooks for additional services? – What happens when algorithms age? – Intelligent flexibility can enhance performance. » Simple doesn’t always equate to fast » Service modes allow for optimized service modes – TCP MD5 • No key id field: static keying • No service options: one mode • Not authenticated TCP: MD5 – If you need to use something other than MD5 write a standard. • Use of RSA signatures in IPSec ESP and AH may have the same issues. Sepucha_Date_08

  9. What will help? What will help? • The IETF core principles are sound, – Working code and rough consensus. • The group of participants have changed. – Focus on products, not the services that the products provide – Users are absent, mostly. • We need more user based challenges pushing the standards – Work is going on, we need the users to provide input into the standards process. Sepucha_Date_09

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining the root of fear and its effects Fear-based architecture and antipatterns Fear leads to anger, anger leads to hatred. Fearless security

765 views • 40 slides
the Time of COVID-19 Fear and Loathing in Quarantine Understanding the Latest COVID-19

the Time of COVID-19 Fear and Loathing in Quarantine Understanding the Latest COVID-19

New Federal Laws in the Time of COVID-19 Fear and Loathing in Quarantine Understanding the Latest COVID-19 Federal Laws Andrew Nolan | Vaughn Burkholder | Alex Schulte Todays Agenda Key Business Issues Key Personnel Issues Key

407 views • 36 slides
Anxiety, fear, and the fear Dr. Martin What does it feel like? Davidson, R. Thoughts,

Anxiety, fear, and the fear Dr. Martin What does it feel like? Davidson, R. Thoughts,

Components of anxiety What is fear? What is anxiety? Anxiety, fear, and the fear Dr. Martin What does it feel like? Davidson, R. Thoughts, body sensations, behaviours of fear Psych Panic: Fight/flight Fear of fear

405 views • 3 slides
First you tell them what your gonna The oculomotor system tell them The phenomenology of eye

First you tell them what your gonna The oculomotor system tell them The phenomenology of eye

First you tell them what your gonna The oculomotor system tell them The phenomenology of eye movements. Or The anatomy and physiology of the Fear and Loathing at the Orbit extraocular muscles and nerves. The supranuclear control

458 views • 7 slides
Ou Our fear of of sharing the gos ospel 1. Feeling inadequate 2. Fear of rejection 3. Fear

Ou Our fear of of sharing the gos ospel 1. Feeling inadequate 2. Fear of rejection 3. Fear

Ou Our fear of of sharing the gos ospel 1. Feeling inadequate 2. Fear of rejection 3. Fear of offending others 4. Fear of being labeled as weird Wh Why y so so ha hard? d? Think Act Be Ch Chapter r 20 Sh Shar

515 views • 17 slides
There is no fear in love (1 John 4:13-21) 1 John 4:18 There is no fear in love, but perfect

There is no fear in love (1 John 4:13-21) 1 John 4:18 There is no fear in love, but perfect

There is no fear in love (1 John 4:13-21) 1 John 4:18 There is no fear in love, but perfect love casts out fear. Questions our text raises: What kind of fear are we talking about? Why is this kind of fear so prevalent? Why

446 views • 12 slides
ULRICH SCHNELL Habemus Ulle ulrichschnell.dk ulrich@alfhiem.dk Fear not just be very very

ULRICH SCHNELL Habemus Ulle ulrichschnell.dk ulrich@alfhiem.dk Fear not just be very very

ULRICH SCHNELL Habemus Ulle ulrichschnell.dk ulrich@alfhiem.dk Fear not just be very very carefull So waren die Bojaren Then god and the devil seemd totally irrellevant Fear not for I am with you Fear 2 Fear 3 Experienced barbar Bitter

597 views • 22 slides
TREATMENT FOR PTSD/SUD The Fear Structure A fear structure is a program for escaping danger

TREATMENT FOR PTSD/SUD The Fear Structure A fear structure is a program for escaping danger

PROLONGED EXPOSURE AS A TREATMENT FOR PTSD/SUD The Fear Structure A fear structure is a program for escaping danger It includes information about: The feared stimuli The fear response The meaning of stimuli and responses

488 views • 12 slides
Necessary Conversations: Nuclear Fear & Nuclear Fear & A First Look at Interrogation

Necessary Conversations: Nuclear Fear & Nuclear Fear & A First Look at Interrogation

Introduction to Homeland Security November 23, 2005 Necessary Conversations: Nuclear Fear & Nuclear Fear & A First Look at Interrogation Policy A First Look at Interrogation Policy Stephen M. Maurer Goldman School of Public Policy

1.16k views • 70 slides
Rediscovering the spiritual roots of midwifery Rev Lucyann Ashdown Love and Fear by

Rediscovering the spiritual roots of midwifery Rev Lucyann Ashdown Love and Fear by

Rediscovering the spiritual roots of midwifery Rev Lucyann Ashdown Love and Fear by Michael Leunig There are only two feelings Love and Fear There are only two languages Love and fear There are only two activities Love and fear

117 views • 11 slides
Portraits of Jesus in John We have nothing to fear but fear itself Ask not what your

Portraits of Jesus in John We have nothing to fear but fear itself Ask not what your

Portraits of Jesus in John We have nothing to fear but fear itself Ask not what your country can do for you, ask what you can do for your country God is dead, and we have killed him You must be the change you want to

547 views • 15 slides
MISSION People dont get along because they fear each other. People fear each other because

MISSION People dont get along because they fear each other. People fear each other because

MISSION People dont get along because they fear each other. People fear each other because they dont know each other. They dont know each other because they have not properly communicated with each other. Martin Luther King,

191 views • 16 slides
Nothing to fear but fear itself: introducing Why recursion in lower secondary schools recursion?

Nothing to fear but fear itself: introducing Why recursion in lower secondary schools recursion?

Introducing recursion Monga Nothing to fear but fear itself: introducing Why recursion in lower secondary schools recursion? Why recursion is challenging Our Violetta Lonati Dario Malchiodi methodology Mattia Monga Anna Morpurgo

372 views • 13 slides
Barriers to social participation in later life fear of crime and fear of young people

Barriers to social participation in later life fear of crime and fear of young people

Barriers to social participation in later life fear of crime and fear of young people Martina Feilzer, Bangor University and Ian Rees Jones, Cardiff University Planned research Investigate the impact of ageing on social participation

624 views • 17 slides
BIR IRTH TH PANGS NGS Fear & Trust God! KOGmissions.com WORLD VIEWS? Fear or Trust?

BIR IRTH TH PANGS NGS Fear & Trust God! KOGmissions.com WORLD VIEWS? Fear or Trust?

BIR IRTH TH PANGS NGS Fear & Trust God! KOGmissions.com WORLD VIEWS? Fear or Trust? Science? Politics? News? KOGmissions.com BEGINNING OF BIRTH PANGS Tell us, when will these things happen, and what will be the sign of Your

496 views • 10 slides
Fearing God 2 1 10/1/2020 F EAR : Friend or Foe? Fear issues forth from love either for

Fearing God 2 1 10/1/2020 F EAR : Friend or Foe? Fear issues forth from love either for

10/1/2020 1 W ISDOM : L IVING S UCCESSFULLY IN A T REACHEROUS W ORLD Fearing God 2 1 10/1/2020 F EAR : Friend or Foe? Fear issues forth from love either for ourselves or for God. ~ Wilhelmus Brakel The typical man: fear

619 views • 14 slides
WANT TO CONTACT Dont Limit Your ROSS? Future Income by Celebra6ng Helen Broder

WANT TO CONTACT Dont Limit Your ROSS? Future Income by Celebra6ng Helen Broder

WANT TO CONTACT Dont Limit Your ROSS? Future Income by Celebra6ng Helen Broder Yesterdays Profits. (910)256-1204 Ross Shafer Helen@RossShafer.com Ross Shafer VTR CURRENT: Knowing Skinny Jeans are Popular What Im

1.16k views • 73 slides
DISABILITY AND AGING: DYNAMIC DIVERSITY Vicki L. Hanson B. Thomas Golisano College of Computing

DISABILITY AND AGING: DYNAMIC DIVERSITY Vicki L. Hanson B. Thomas Golisano College of Computing

DISABILITY AND AGING: DYNAMIC DIVERSITY Vicki L. Hanson B. Thomas Golisano College of Computing and Information Systems Rochester Institute of Technology QUESTION: Computing has made significant advances that allow for an ever-increasing

865 views • 21 slides
Go Good Ma Manufacturi ring Practices and Ins and Instan antGMP P Soft Softwar are

Go Good Ma Manufacturi ring Practices and Ins and Instan antGMP P Soft Softwar are

Go Good Ma Manufacturi ring Practices and Ins and Instan antGMP P Soft Softwar are Orie ientation ion Slid Slides Topics To Master Production Overview Batch Production Record Workflow Record Workflow Purpose of GMPs

652 views • 48 slides
Medical Device Software Michelle Jump, MS, MSRS, CHA Principal Regulatory Affairs Specialist

Medical Device Software Michelle Jump, MS, MSRS, CHA Principal Regulatory Affairs Specialist

Navigating Regulatory Issues for Medical Device Software Michelle Jump, MS, MSRS, CHA Principal Regulatory Affairs Specialist Stryker Corporation IEEE Symposium on Software Reliability Engineering (Ottawa, ON) October 24, 2016 Does my device

863 views • 39 slides
INTERGENERATIONAL & Wendy Pender, MLS CONNECTIONS King County Library System

INTERGENERATIONAL & Wendy Pender, MLS CONNECTIONS King County Library System

All images (c) Silver Kite Community Arts and used with permission. FOSTERING Jennifer Kulik, Ph.D. Silver Kite Community Arts INTERGENERATIONAL & Wendy Pender, MLS CONNECTIONS King County Library System INTRODUCTIONS A little about

767 views • 43 slides
Transformational Chairwork Working with Fear and Developing Courage Northern Tide By Tim

Transformational Chairwork Working with Fear and Developing Courage Northern Tide By Tim

Transformational Chairwork Working with Fear and Developing Courage Northern Tide By Tim Wallace Scott Kellogg, PhD 2 Four Orienting Principles 3 Four Orienting Principles 1. Multiplicity of self it is clinically useful to understand

1.94k views • 91 slides
Health Law Advocates Non-profit, public interest law firm Pro bono legal services for

Health Law Advocates Non-profit, public interest law firm Pro bono legal services for

Basic Benefits Training: MassHealth and Health Coverage Programs Andrew P. Cohen Supervising Attorney Health Law Advocates MCLE February 27, 2020 Health Law Advocates Non-profit, public interest law firm Pro bono legal services for

436 views • 16 slides
Title of Presentation Policys Effects on Young Children Conference or Event Title Webinar

Title of Presentation Policys Effects on Young Children Conference or Event Title Webinar

Wendy Cervantes Hannah Matthews Name of Presenter Rebecca Ullrich Title of Presenter Our Childrens Fear: Immigration Title of Presentation Policys Effects on Young Children Conference or Event Title Webinar Month Year March 2018

671 views • 34 slides

More recommend