Distributed Security Threat Model

Document Type Expired Internet-Draft (individual)
Author Pekka Savola 
Last updated 2005-10-27
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The distributed security framework document describes an approach where hosts take greater responsibility for protecting against attacks on security vulnerabilities targeted at themselves. This memo analyzes the threat model of the distributed security approach, in particular pointing out areas which the mechanism cannot protect against. XXX: generic comment from JariA: "The main issue that I could see is that its still rather simple presentation of the issues, e.g. does not necessarily go as deep as some other ongoing work goes." XXX: generic comment from EKR: "I found the organization rather confusing. It seems to me like a lot of the material in the framework document would make more sense in the threat model. Without that context, it's fairly hard to understand what you're trying to accomplish." (Similar comment from others: addressing this would require significant(?) text duplication from the framework doc..)


Pekka Savola (psavola@funet.fi)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)