Make trust boundaries closed

[adamshostack]

Arc trust boundaries are ambiguous. For example, in the sample diagram, one arc can be extended to split "background worker process", another can be extended to bisect "database."

Closed boundaries (such as boxes) are more clear, and should be the default shape.

[jgadsden]

Hello @adamshostack , I very much understand your point - after some years of using Cisco Threat Modeller I was unsure of the use open trust boundaries in TD. However I find that some diagrams benefit visually from the arcs, compared to the cisco tool which always had closed square boundaries.

When I want a closed boundary then I join start and finish, so this provides me with a work-around if I need it. And I agree that this is technically correct, as trust boundaries are a bit like isobars: intrinsically closed. Would it be good to have an additional shape for trust boundaries, say a closed square? Then we could choose which one to use according to the diagram.

[adamshostack]

@jgadsden Tooling shapes practice, and so we should think carefully about what we put within easy reach. I also think that TD is, as an OWASP & open source project is likely to be the first threat modeling tool a lot of folks pick up, and as such should make choices that help people learn to threat model well.

Is "use an arc" a choice that someone new to threat modeling should be making?

If not, then I think that hiding the option to display arcs in a preference pane will address your use case and will address back-compat.

(I inherited arcs from the v2 tool that Frank Swiderski built, and I think my biggest regret in the MS v3 tool is that I didn't give that more thought.)

[jgadsden]

transferring this issue to repo: https://github.com/mike-goodwin/owasp-threat-dragon-core/issues as this is the main diagram repo for both desktop and web application versions

[jgadsden]

Migrated to new issue in the OWASP area repo : https://github.com/OWASP/threat-dragon-core/issues/5