- From: Erik Taubeneck via GitHub <sysbot+gh@w3.org>
- Date: Fri, 06 May 2022 19:15:30 +0000
- To: public-patcg@w3.org
To be clear, I don't think it's reasonable or possible to "pick a threat model" during the time in the upcoming meeting, but I do think that building consensus around a threat model should be the goal this should work towards. I also agree that there are going to be certain (and important) points where there will be differing views from the group. However, in my experience, 90% of the threat model is defining the different actors involved, what sort of capabilities they may have, etc. Putting together a draft of such a document should result in the areas where there are important differences. Finally, I did not get the same impression of the next step: > My impression was that we agreed that this group should put work into evaluating the trade-offs in different types of solutions (MPC vs TEE), and that one of those trade-offs is some difference in the security threats that they protect against. My impression was that the group should try to build consensus around a threat model, and then evaluate the tradeoffs between different solutions relative to that threat model. -- GitHub Notification of comment by eriktaubeneck Please view or discuss this issue at https://github.com/patcg/meetings/issues/50#issuecomment-1119939030 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 6 May 2022 19:15:31 UTC