RE: Public comments on threat trees from Doyle, Bill on 2007-06-27 (public-wsc-wg@w3.org from June 2007)

From: Doyle, Bill <wdoyle@mitre.org>
Date: Wed, 27 Jun 2007 06:45:30 -0400
To: "Rachna Dhamija" <rachna.w3c@gmail.com>
Cc: <public-wsc-wg@w3.org>
Message-ID: <518C60F36D5DBC489E91563736BA4B5801815706@IMCSRV5.MITRE.ORG>

Thanks - was wondering what was up.
 
Will take a look at it. Usually the MITRE infosec group does not hold
back much, depends on who gets a hold of it.
 
Bill 
 


________________________________

	From: Rachna Dhamija [mailto:rachna.w3c@gmail.com] 
	Sent: Tuesday, June 26, 2007 8:52 PM
	To: Doyle, Bill
	Cc: public-wsc-wg@w3.org
	Subject: Re: Public comments on threat trees
	
	
	Bill, 
	
	There is currently no "owner" (Stuart S is transitioning jobs,
and I don't know if he is still participating in the workgroup).   I've
been adding attacks as I think of them and have flattened it out to be
more of an outline, rather than a "tree".  We still need to add links
to examples and to identify which branches are in and out of scope.  
	
	I'm not sure that we'll ever be "done" with adding new attacks,
so this is a good time as any to get comments and find things we have
missed.  Perhaps you and Stephen F might like to make one pass through
it first. 
	
	http://www.w3.org/2006/WSC/wiki/ThreatTrees
	
	Rachna
	
	
	On 6/25/07, Doyle, Bill < wdoyle@mitre.org> wrote: 

		Are threat trees ready for public comments? If so I
will send the a wiki link out to MITRE infosec list. 
		 
		If threat tree owner can respond and provide any intro
and link it would be appreciated.
		 
		Regards
		Bill Doyle
		wdoyle@mitre.org

Received on Wednesday, 27 June 2007 10:45:36 UTC