[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: [saag] Security Requirements Intnernet Draft (a request for comments)(F orwarded)

To: <opsec@psg.com>
Subject: FW: [saag] Security Requirements Intnernet Draft (a request for comments)(F orwarded)
From: <Michael.G.Williams@nokia.com>
Date: Wed, 11 Jun 2003 20:20:29 -0700

-----Original Message-----
From: Williams Michael.G (NIC/MtView) 
Sent: Wednesday, June 11, 2003 7:51 PM
To: 'Steve Bellovin'; saag@mit.edu
Subject: RE: [saag] Security Requirements Intnernet Draft (a request for
comments)(F orwarded)

A general comment, and a tangent.

This seems to be very "wired" centric and could use another pass with the wireless world kept in mind side by side with the wired.

There seems to be a tremendous emphasis on security (in all walks of life). There is an opening up to acknowledge that some of the current solutions for security get in the way of others, or aren't aware of others. Idealists vs. pragmatists debate how high to raise the bar for the next "jump." There is a fair amount of idealism in this draft.

Best Regards,
Michael

-----Original Message-----
From: Steve Bellovin [mailto:smb@research.att.com]
Sent: Wednesday, June 11, 2003 5:53 PM
To: saag@mit.edu
Subject: [saag] Security Requirements Intnernet Draft (a request for
comments)(F orwarded)

Comments welcome.

------- Forwarded Message

Message-ID: <3EE7C8A6.8080706@mitre.org>
Date: Wed, 11 Jun 2003 20:26:14 -0400
From: "George M. Jones" <gmjones@mitre.org>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: nanog@merit.edu
Subject: Security Requirements Intnernet Draft (a request for comments)
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-nanog@merit.edu
Precedence: bulk
Errors-To: owner-nanog-outgoing@merit.edu
X-Loop: nanog
X-Spam-Status: No, hits=-12.3 required=5.0
	tests=BAYES_01,USER_AGENT_MOZILLA_UA,X_LOOP
	autolearn=ham version=2.53
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp)

I've published an Internet Draft on "Security Requirements for Devices 
Implementing IP".
You can view it at:

  http://www.ietf.org/internet-drafts/draft-jones-opsec-00.txt

This is an outgrowth of a document used by UUNET (my former employer)
to sanity check/security qualify equipment for connection to the backbone.

The point of publishing the document is to start discussion.   There is 
a mailing
list set up:   opsec@ops.ietf.org.   Subscribe by sending a message to
"majordomo@ops.ietf.org" with "subscribe opsec" in the body.

The point of the document is to create a useful list that network operators
can use to communicate their securtiy requirements to vendors.

Please have a look and comment.

Thanks,
- ---George Jones

------- End of Forwarded Message

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)

_______________________________________________
saag mailing list
saag@mit.edu
https://jis.mit.edu/mailman/listinfo/saag

Follow-Ups:
- Re: FW: [saag] Security Requirements Intnernet Draft (a request forcomments)(F orwarded)
  - From: "George M. Jones" <gmjones@mitre.org>

Prev by Date: Re: Directed broadcasts; known exploits; defalt passwords
Next by Date: Splitting into several docs; more extensive use/emphasis of profiles
Previous by thread: Directed broadcasts; known exploits; defalt passwords
Next by thread: Re: FW: [saag] Security Requirements Intnernet Draft (a request forcomments)(F orwarded)
Index(es):
- Date
- Thread