[cabf_netsec] NetSec Minutes for June 21st 2022

Prachi Jain pjain at fastly.com
Sun Jul 10 15:51:17 UTC 2022 

 Hi All !!

Please find below the netsec meeting minutes for June 21st. My apologies
for the delay. I was out on vacation.

-Prachi


*----------------------------------------------------------------------------------------*

*NetSec Working Group – June 21st, 2022*


*Attendees: *

Clint Wilson

Joanna Fox

Thomas Connelly

Roman Fischer

Ruben Annemans

Brittany Randall

Prachi Jain

Corey Bonnell

Paul Van Brouwershaven

Aaron Poulsen

Trevoli Ponds-White

Jillian Karner

Ben Wilson

Janet Hines

Marcelo Silva

Dustin Hollenback
David Kluge

Steven Deitte

Daniel Jeffery

Tim Crawford

Kiran Tummala

Rebecca Kelley

Daryn Wright

Chris Kemmerer

Inigo Barreira


1. *Read Antitrust Statement*

 Clint Wilson read the antitrust statement.


2.  *Roll Cal*l

 Clint Wilson read the roll.


3. *Discussion Items*


*Threat Modeling*:  David shared the update about the threat model. It was
shared that significant progress has been made in OCSP responder’s threat
modeling and he has some internal engineers as well who are interested in
helping. F2F discussion was very valuable and assumptions are very clear
now in the document. There was further discussion on the STRIDE model.
Clint mentioned that eventually when we expand this threat model, some of
the assumptions should go away. The idea is to make the model in a way that
we actually can do something now but in future we make changes as needed.
Detailed discussion was done by the group into each threat and the document
was updated. There was also some discussion around the common components
between responders, ca and server like basic system, network configuration  and
infrastructure. Kiran volunteered to research on standard definitions of
all the threats and bring it back to the future sessions.

The document can be found here: (
https://docs.google.com/document/d/1cmKs-H5mMg2cVHiDG6NUFzBvYJH3OwiIgKROXTUG5bU/edit?usp=sharing&resourcekey=0-dlLWckJvTVZ6i8Kn7YerUA
)



4.* Any Other Business*

None

-- 

*Prachi Jain* | Staff SRE-Foundation Trust Services | Dallas, TX
fastly.com | @fastly <https://twitter.com/fastly> | LinkedIn
<https://www.linkedin.com/company/fastly/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/netsec/attachments/20220710/ebe49926/attachment.html>

More information about the Netsec mailing list