[cabf_netsec] Summary Presentation for Wednesday F2F

Neil Dunbar ndunbar at trustcorsystems.com
Wed Oct 21 03:46:55 MST 2020


All,

I've prepared a summary presentation for today (Wednesday 2020-10-21).
It's called F2F 51 Summary presentation and is in the team Google Drive.

Essentially, it's a cut down version of yesterday's NetSec meeting, with
some added text on (a) recognition of the audit challenge stemming from
Cloud, mentioned by Don Sheehy, and (b) a mention of the DigiNotar test
for changes (ie, would DigiNotar have passed this requirement; NB: even
if the answer is "yes", this does not mean the change is a bad one,
merely that the change does not in itself preclude a bad actor from,
well, acting badly). I mentioned yesterday that DigiNotar's principal
failing was not that they suffered an attack, it was that they did not
report what was required, and actively covered up the effect of such
attacks.

Anyway, any changes and/or observations happily accepted.

Thanks,

Neil




More information about the Netsec mailing list