[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: T1M1.5 Document (related ANSI doc) (fwd)

To: opsec@ops.ietf.org
Subject: Re: T1M1.5 Document (related ANSI doc) (fwd)
From: George Jones <gmj@pobox.com>
Date: Thu, 20 Mar 2003 16:31:01 -0800 (PST)
Reply-to: gmj@pobox.com

---------- Forwarded message ----------
Subject: Re: T1M1.5 Document (related ANSI doc)
From: Chris Lonvick <clonvick@cisco.com>
To: gmj@pobox.com
Cc: opsec@ops.ietf.org
Date: Thu, 20 Mar 2003 13:08:01 -0800 (PST)

Hi George and All,

On 20 Mar 2003 gmj@pobox.com wrote:

> There is a closely related ANSI doc that's going
> to final ballot next week.  Security reqirements
> for managemnt, ops of public telecom infrastructure.
>
> It's probably too late to get changes (and your org has
> to be a voting member), but it looks very well done.

It is not too late to get changes.  The way it works within T1 is this:
 - there was an initial Letter Ballot (LB1117)
 - voting members voted and concerned others submitted their thoughts
 - the vote comments and thoughts were published as a Contribution and
    reviewed by those interested in a phone conference
 - since there was a NO vote to the initial LB, a Default Letter Ballot
    has been called - this means that everyone's vote will default to
    their original vote unless they change it (voting members who voted
    YES will continue to vote YES without having to submit anything new)
 - since the time of the initial LB and now, the contributors have been
    addressing the comments and polishing the document
 - Votes from voting members and comments from anyone concerned will be
    accepted until 26 March - the closing date of the DLB
 - after the DLB closes, comments will be reviewed
 - if there are no comments and no NO votes, the document will be
    accepted as an ANSI standard
 - if there are comments then they will be addressed by those concerned
    in a follow-up call

>
> The thing to we should do is analize the scope/overlap of
> the two docs and see what makes sense going forward.
>
> My very short analysis: they've done a very good job
> at analyzing generalized requiremnts for managament
> and ops, and we should see what we can leverage/not do.
>
> opsec/net-sec-reqs focus is exclusively IP-centric, and more broad
> (all devices implementing IP, not just public telecom infrastructure
> though that's where it started), we're a lot more focused on
> here-and-now features, and there opsec has a mechanism
> for specifying profiles (core routers have different requiremnts
> than edge routers which have different requrements than hosts)...
> (Chris, am I missing anyting in the ANSI doc or related efforts ?)

There has been a bit of a discussion in platform differences.  A lot of
the M (mandatory) requirements just use the term NE/MS and don't attempt
to differentiate between them or where they are located in the network.
Some concession was made to very small, or very out of the way devices
such as IP telephones and CPE routers.  The document says that the M
requirements stated in the document should be taken as O (optional)
requirements for those.  A number of attempts were made to try to
differentiate between platforms (robust OS v. embedded OS, does it have a
disk, does it have a console port, etc.) but no good consensus method was
worked out to define any separation.  Hence, generalized requirements.
It's not the best solution but it allowed the work to progress rather
quickly.  If there are specific instances that need differentiation,
please contribute.

There are two ways to contribute:  If you are a member of a participating
T1 company, find your voting member and get them to submit comments in the
DLB.  If you are not a member of a participating T1 company, you may make
individual comments.  I am not sure how individual comments may
be submitted but some information may be found here:
  http://www.t1.org/html/t1voting.htm
I think it would be appropriate to state that this is a contribution to
LB1117.  Mike Fargano is the Chair of T1M1.5 and may be reached
by <mfargan@qwest.com> for real questions.  For those of you without MS
products on your personal device, a PDF version of the document may be
found here:

http://www.t1.org/filemgr/FileList.taf?Directory=ballots%5Cdefault&ShowTitle=Default%20T1%20Letter%20Ballots

Thanks,
Chris

>
> Thanks,
> ---George Jones
>
>
> Chris Lonvick <clonvick@cisco.com> writes:
>
> > Hi George,
> >
> > Please go here:
> >   http://www.t1.org/t1m1/_m1-grid.htm
> > Select the ellipsis at the intersection of "New File" and "T1M1.5"
> >
> > Download the document titled:
> >  3m150073.doc
> >
>

Prev by Date: Re: T1M1.5 Document (related ANSI doc)
Next by Date: Re: T1M1.5 Document (related ANSI doc)
Previous by thread: Re: T1M1.5 Document (related ANSI doc)
Next by thread: Updates on the way to -00
Index(es):
- Date
- Thread