[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <49652AD4.7090008@free.fr>
Date: Wed, 07 Jan 2009 23:21:08 +0100
From: Jerome Athias <jerome.athias@...e.fr>
To: Fernando Gont <fernando.gont@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: [Suspected Spam]"Security Assessment of the Internet Protocol"
& the IETF
Hi,
I still not have read all your paper, but my first word is congratulations!
That's an hard job.
Since a quick search didn't give a result for it, and maybe others could
be interested:
The AVISPA (Automated Validation of Internet Security Protocols and
Applications) project aims at developing a push-button,
industrial-strength technology for the analysis of large-scale Internet
security-sensitive protocols and applications.
This website contains all relevant information about AVISPA for project
members, interested third parties and scientists worldwide.
http://www.avispa-project.org/
My 2 cents for now
/JA
Fernando Gont a écrit :
> Folks,
>
> In August 2008 the UK CPNI (United Kingdom's Centre for the Protection of
> National Infrastructure) published the document "Security Assessment
> of the
> Internet Protocol". The motivation of the aforementioned document is
> explained in the Preface of the document itself. (The paper is available
> at: http://www.cpni.gov.uk/Docs/InternetProtocol.pdf )
>
> Once the paper was published by CPNI, I produced an IETF Internet-Draft
> version of the same paper, with the intent of having the IETF publish
> recommendations and/or update the specifications where necessary. This
> IETF
> Internet-Draft is available at:
> http://www.gont.com.ar/drafts/ip-security/index.html (and of course it's
> also available at the IETF I-D repository).
>
> The Internet-Draft I published was aimed at the OPSEC WG. And the Working
> Group is right now deciding whether to accept this document as a WG item.
> This is certainly a critical step. Having the OPSEC WG accept this
> document
> as a WG item would guarantee to some extent that the IETF will do
> something
> about all this, and would also somehow set a precedent in updating the
> specifications of core protocols and/or providing advice on security
> aspects of them.
>
> The call for consensus is available at:
> http://www.ietf.org/mail-archive/web/opsec/current/msg00373.html . You can
> voice your opinion on the relevant mailing-list sending an e-mail to
> opsec@...f.org . You don't need to subscribe to the mailing list to post a
> message (although your message will be held for moderator approval before
> it is distributed to the list members).
>
> The deadline for posting your opinion is January 9th (next Friday).
>
> Thanks so much!
>
> Kind regards,
> Fernando Gont
>
>
>
>
--
Fernando Gont
e-mail: fernando@...t.com.ar || fgont@....org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
Powered by blists - more mailing lists