Create separate doc for a detailed threat model about qabel.github.io HOT 15 CLOSED

threat m(

from qabel.github.io.

yep. thanks!

from qabel.github.io.

There is early draft at https://github.com/Qabel/qabel-doc/wiki/Threat-Model.

from qabel.github.io.

Should something like a mitm attack on tls with faked certificate be part of this page (under Local network attacker)?
Or should this page only show threats to the proper working system?
It might be important for future versions to protect the user from such an attack, or is there already such a protection?

from qabel.github.io.

Should something like a mitm attack on tls with faked certificate be part of this page (under Local network attacker)?

At least, the document should clarify which assumptions our security model makes in terms of underlying protocols (like TLS).

from qabel.github.io.

This issue and its last update are rather old. What is the status of this issue @schulze and maybe @cburkert?

from qabel.github.io.

@schulze and I will work on this next week in preparation for our Qabel Architecture Review meeting on 12/17.

from qabel.github.io.

Should something like a mitm attack on tls with faked certificate be part of this page (under Local network attacker)?

@roeslpa I added a note about TLS: https://github.com/Qabel/qabel-doc/wiki/Threat-Model#tls Is this what you had in mind?

from qabel.github.io.

@schulze Yep, it is. 👍

from qabel.github.io.

Bump.

from qabel.github.io.

Here is a link to the new location of the document.

from qabel.github.io.

@schulze is this page still up to date?

from qabel.github.io.

The page is not up to date, is unfinished and needs work.

from qabel.github.io.

@schulze do you mind if I update the threat model?

from qabel.github.io.

Just go ahead!

One suggestion: The content I originally had in mind shouldn't really be called a "threat model", but rather a "security policy". I you want to feel free to split or rename the page.

from qabel.github.io.