Relationships to T1M1.5, etc. (was RE: comments)

[George Jones <gmj@pobox.com>]

On Wed, 18 Jun 2003, Budd, Fred wrote:

> What is the thought with regards to encompassing concepts from other
> standards or recommendations? (T1M1.5, common criteria profiles,
> federal IA, etc.) Should they be addressed in the document or included
> by reference?

That's a good question, and one I've allocated some time to at the
BOF.  I've asked one of the T1M1 comittee members to speak briefly and
have someone else in mind to address the Common Criteria. Feel free to
"voice" thoughts here if you're not going to be @ IETF.

Short version is: there is heavy overlap.   I think it's worth
running this in the IETF for another couple drafts without
heavy reference to the other works as a sort of "clean rooom"
experiemnt to see what comes out, what the needs of operators
involved in the IETF are, and then to stop and do a sync with
the other efforts if appropriate.

From  http://www.port111.com/opsec/opsec-meta.txt:

> Relationship to ANSI draft T1.276-200x
>
>   There is heavy overlap between part the opsec document and ANSI draft
>   T1.276-200x.  Some of the distinctions between opsec and the ANSI draft
>   are that the opsec draft is:
>
>     * exclusively focused on IP
>     * not exclusive to telecom infrastructure
>     * not restricted to the management plane
>     * has support for "profiles" (core, edge, hosts, toasters..)
>     * written in the IETF context (format, references, etc.)
>     * something that originated from customer requirements

Thanks,
---George Jones