Skip to main content

Internet Threat Model Evolution: Background and Principles
draft-arkko-farrell-arch-model-t-redux-01

Document Type Expired Internet-Draft (individual)
Authors Jari Arkko , Stephen Farrell
Last updated 2021-08-26 (Latest revision 2021-02-22)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-arkko-farrell-arch-model-t-redux-01.txt

Abstract

Communications security has been at the center of many security improvements in the Internet. The goal has been to ensure that communications are protected against outside observers and attackers. This memo suggests that the existing RFC 3552 threat model, while important and still valid, is no longer alone sufficient to cater for the pressing security and privacy issues seen on the Internet today. For instance, it is often also necessary to protect against endpoints that are compromised, malicious, or whose interests simply do not align with the interests of users. While such protection is difficult, there are some measures that can be taken and we argue that investigation of these issues is warranted. It is particularly important to ensure that as we continue to develop Internet technology, non-communications security related threats, and privacy issues, are properly understood.

Authors

Jari Arkko
Stephen Farrell

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)