[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Summary of opsec mini-BOF @ IETF
Notes from meeting to discuss
Draft of "Network Security Requirements for Devices Implementing Internet Protocol"
March 17, 2003 @ IETF56
Attending:
George Jones, MITRE
Christian Arllen, MITRE
Fred Baker, Cisco
Barbara Frasier, Cisco
Merike Kaeo
Decsions:
- Consensus was that the draft should move forward.
- Need at least one other vendor involved
- Need at least one other large network operator involved
- Current "Implemenation" sections will be renamed "Examples".
- Scope/Goals will be further generalized
Open Issues/Disussion:
- How to edit/submit changes
Current plan is to have people edit the xml and submit
updated XML.
- Individual submission vs. Working Group
There was some discssion of whether it made sense
for this to be an individual submission or a working group
document....and how to get people to know about it/pay
attention if it is an indiviual submission.
- BCP vs. new requirements
Most of the document is a BCP. Some are things that
could not be classed as "current practice"...some are
security features that operators (UUNET in this case)
would like to see. The question is, do these belong
in the same document ?
- Relationship to RFC 1812, other IETF efforts.
The question came up as to wheter this should be
be some sort of update to RFC 1812
There is also a large ammount of current work
in IETF related to the subject of this draft.
Some examples include Network Configuration (netconf),
Routing Protocol Security Requirements (rpsec),
Security Issues in Syslog (syslog), etc.
What is the appropriate relationship (if any)
of this document to those efforts ?
Next Steps:
Line up a small group of reviewers.
- George insure involvment from UUNET and MITRE
- Barbara and Barry Greene will represent Cisco
- Fred and Barbara will solicit Juniper, network
operator involvment
- George will meet wtih potential reviewers identified
by Fred and Barbara this week @ IETF.
Split up work, make passes on:
- Simplifying compound requirements
- revisit/simplify justifcations
- revisit/expand implementation->examples section
George M. Jones | Qualis artifex pero ("What an artist dies with me!")
Network Security |
Architect |
CISSP,CCNA,JAPH | Nero (Suetonius, Life of Nero, x
gmj@pobox.com, PGP Finger=CB97 C772 7685 0E15 E27E C78D A50F 3AAD C1D6 D49E