From a3a9757ebb349b70c3c060d12244c07dda08c4f6 Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg <rasmus.dahlberg@kau.se>
Date: Sat, 2 Oct 2021 14:50:33 +0200
Subject: added issue about risk-averse attacker (design.md)

---
 issues/risk-averse-attacker.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 issues/risk-averse-attacker.md

(limited to 'issues')

diff --git a/issues/risk-averse-attacker.md b/issues/risk-averse-attacker.md
new file mode 100644
index 0000000..519001b
--- /dev/null
+++ b/issues/risk-averse-attacker.md
@@ -0,0 +1,15 @@
+# Risk-averse attacker
+reported by: rgdd
+
+We used to have a paragraph in our threat model that emphasized that the
+attacker we, and transparent logs in general, consider is risk-averse.
+
+This paragraph was pulled because it simply stated properties about our attacker
+without explaining why that is interesting.  The threat model text is fine
+without it for now, but we should consider adding it in a proper way later on.
+
+When we do, consider if we should cite these academic papers as well:
+- https://eprint.iacr.org/2007/060.pdf
+- https://www.sciencedirect.com/science/article/abs/pii/S0161893807000592
+
+Credit: z4lem recommended these papers.
-- 
cgit v1.2.3