lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 07 Jan 2009 23:21:08 +0100 From: Jerome Athias <jerome.athias@...e.fr> To: Fernando Gont <fernando.gont@...il.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: [Suspected Spam]"Security Assessment of the Internet Protocol" & the IETF Hi, I still not have read all your paper, but my first word is congratulations! That's an hard job. Since a quick search didn't give a result for it, and maybe others could be interested: The AVISPA (Automated Validation of Internet Security Protocols and Applications) project aims at developing a push-button, industrial-strength technology for the analysis of large-scale Internet security-sensitive protocols and applications. This website contains all relevant information about AVISPA for project members, interested third parties and scientists worldwide. http://www.avispa-project.org/ My 2 cents for now /JA Fernando Gont a écrit : > Folks, > > In August 2008 the UK CPNI (United Kingdom's Centre for the Protection of > National Infrastructure) published the document "Security Assessment > of the > Internet Protocol". The motivation of the aforementioned document is > explained in the Preface of the document itself. (The paper is available > at: http://www.cpni.gov.uk/Docs/InternetProtocol.pdf ) > > Once the paper was published by CPNI, I produced an IETF Internet-Draft > version of the same paper, with the intent of having the IETF publish > recommendations and/or update the specifications where necessary. This > IETF > Internet-Draft is available at: > http://www.gont.com.ar/drafts/ip-security/index.html (and of course it's > also available at the IETF I-D repository). > > The Internet-Draft I published was aimed at the OPSEC WG. And the Working > Group is right now deciding whether to accept this document as a WG item. > This is certainly a critical step. Having the OPSEC WG accept this > document > as a WG item would guarantee to some extent that the IETF will do > something > about all this, and would also somehow set a precedent in updating the > specifications of core protocols and/or providing advice on security > aspects of them. > > The call for consensus is available at: > http://www.ietf.org/mail-archive/web/opsec/current/msg00373.html . You can > voice your opinion on the relevant mailing-list sending an e-mail to > opsec@...f.org . You don't need to subscribe to the mailing list to post a > message (although your message will be held for moderator approval before > it is distributed to the list members). > > The deadline for posting your opinion is January 9th (next Friday). > > Thanks so much! > > Kind regards, > Fernando Gont > > > > -- Fernando Gont e-mail: fernando@...t.com.ar || fgont@....org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
Powered by blists - more mailing lists