[cabf_netsec] Invitation to Threat Modeling Discussion on Additional Network Security Controls

Ben Wilson bwilson at mozilla.com
Tue Sep 1 16:53:54 MST 2020

Here is the Webex information that I've posted on the wiki:

On Tue, Sep 1, 2020 at 9:02 AM Ben Wilson <bwilson at mozilla.com> wrote:

> On Mon, Aug 24, 2020 at 10:45 AM Ben Wilson <bwilson at mozilla.com> wrote:
>> For the reasons outlined below, we need each CA to send someone
>> knowledgeable about network security to our next Threat Modeling subgroup
>> meeting, to be held on Thursday, Sept. 3rd, at 1:00 p.m. Eastern Daylight
>> Time (1700 UTC). Please send me and Mariusz the name of someone who can
>> attend and we'll send them an invite.
>> In recent meetings of the NetSec group and the Document Restructuring
>> subgroup we have discussed the "Zones" Ballot.  We have referred some
>> discussion to the Threat Modeling subgroup. Specifically, how do we handle
>> the replacement of NCSSR section 1.e., which currently reads, "Implement
>> and configure Security Support Systems that protect systems and
>> communications between systems inside Secure Zones and High Security Zones,
>> and communications with non-Certificate Systems outside those zones
>> (including those with organizational business units that do not provide
>> PKI-related services) and those on public networks"? The proposed
>> replacement ("Implement and configure Security Support Systems to secure
>> communications and protect Certificate Systems from attacks emanating from
>> non-trusted networks")has been criticized as too weak. Can we add
>> additional controls to address this issue?
>> 1 - We have discussed authentication and encryption as preventative
>> measures, and continuous monitoring as a detective measure. (E.g. what is
>> meant by "fully authenticated", "end-to-end encryption", etc., and are
>> there standards that use similar language which might be helpful?)
>> 2 - We hope to focus on cloud-based networking security controls and
>> similar situations where a common internal network needs to protect highly
>> sensitive CA processes.
>> 3 - Aside from user authentication, I also have a concern about the
>> authentication/system access by non-user system accounts and system
>> processes. How do we protect them from being hijacked? Should this be part
>> of the discussion, too?
>> In sum, how can we modify section 1.e. so that it adequately protects
>> against network-based attacks?
>> Thanks,
>> Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20200901/fa2f8bc3/attachment.html>

More information about the Netsec mailing list