Re: Public comments on threat trees from Rachna Dhamija on 2007-06-27 (public-wsc-wg@w3.org from June 2007)

From: Rachna Dhamija <rachna.w3c@gmail.com>
Date: Tue, 26 Jun 2007 17:52:07 -0700
To: "Doyle, Bill" <wdoyle@mitre.org>
Cc: public-wsc-wg@w3.org
Message-ID: <20abbc510706261752g3068b12bpfe2ad851989802fc@mail.gmail.com>

Bill,

There is currently no "owner" (Stuart S is transitioning jobs, and I don't
know if he is still participating in the workgroup).   I've been adding
attacks as I think of them and have flattened it out to be more of an
outline, rather than a "tree".  We still need to add links to examples and
to identify which branches are in and out of scope.

I'm not sure that we'll ever be "done" with adding new attacks, so this is a
good time as any to get comments and find things we have missed.  Perhaps
you and Stephen F might like to make one pass through it first.

http://www.w3.org/2006/WSC/wiki/ThreatTrees

Rachna

On 6/25/07, Doyle, Bill <wdoyle@mitre.org> wrote:
>
>  Are threat trees ready for public comments? If so I will send the a wiki
> link out to MITRE infosec list.
>
> If threat tree owner can respond and provide any intro and link it would
> be appreciated.
>
> Regards
> Bill Doyle
> wdoyle@mitre.org
>
>
>
>

Received on Wednesday, 27 June 2007 00:52:14 UTC