Hi:
In what manner are you referencing Boyd's OODA loop? How are you suggesting the OODA concept be applied to security planning and or security design and/or security operations?
Posted by Purpleslog at March 12, 2012 10:31 PMPeriodic reference is that attackers have significantly better OODA-loop than those responsible for security.
Disclaimer #1: We were called in as consultants to small client/server startup that wanted to do payment transactions on their server, they had also invented this technology called "SSL" they wanted to use, the result is now frequently called "electronic commerce". As part of "electronic commerce" there were various requirements as to the deployment and use of SSL ... which were almost immediately violated. Not long after, I coined the term "comfort certificates" (referring to the SSL domain name digital certificates) in attempt to differentiate between providing the feeling of comfort and *REAL* security.
Disclaimer #2: I use to sponsor Boyd's briefings at IBM
Posted by Lynn Wheeler at March 14, 2012 03:57 PMone of the latest in series of articles ... i made some offhand comment about lots of this has been lurking since SSL was first deployed
What's Next For Certificate Technology? The recent rash of breaches among certificate authorities has left a bad taste in enterprises' mouths. What's wrong with the technology, and how is it changing?
http://www.darkreading.com/authentication/167901072/security/client-security/232602762/what-s-next-for-certificate-technology