[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Tin-man charter

To: opsec@ops.ietf.org
Subject: Tin-man charter
From: George Jones <gmj@pobox.com>
Date: Tue, 8 Jun 2004 16:13:28 -0400 (EDT)
Reply-to: gmj@pobox.com

Try this...

-------------------------cut here-----------------------

Operations and Management Area Director(s):

  Bert Wijnen <bwijnen@lucent.com>
  David Kessens <david.kessens@nokia.com>

Operations and Management Area Advisor:

  David Kessens <david.kessens@nokia.com>

Security Area Director(s):

  Russell Housley <housley@vigilsec.com>
  Steven Bellovin <smb@research.att.com>

Security Area Advisor:

  Steven Bellovin <smb@research.att.com>

Mailing Lists:

  General Discussion: opsec@ops.ietf.org
  To Subscribe: opsec-request@ops.ietf.org
  In Body: subscribe
  Archive: http://ops.ietf.org/lists/opsec/

Description of Working Group:

Goals

  The goal of the Operational Security Working Group is to codify
  knowledge about feature sets that are required to securely deploy
  and operate managed network elements providing transit services at
  OSI layers 2 and 3.

Scope

The working group will produce requirements appropriate for:

   o Internet Service Provider (ISP) Networks
   o Enterprise Networks

The following areas are excluded from the charter at this time:

   o Wireless devices
   o SOHO devices
   o Security devices (firewalls, IDS, Authentication Servers)
   o Hosts

Methods

  A framework document will be produced describing the scope, format,
  intended use and sequence of future documents. A series of BCP
  documents will be produced covering various areas of security
  management functionality. Profiles documents will be produced,
  citing the BCPs, which list the requirements relevant to different
  operating environments. Profiles might list different requirements
  for devices in different roles: core, edge, peering, aggregation,
  access, etc.

  http://www.ietf.org/internet-drafts/draft-jones-opsec-06.txt will be
  used as a jumping off point.

  Much of the operational security knowledge that needs to be codified
  resides with operators. In order to access their knowledge and reach
  the working group goal, informal BoFs will be held at relevant
  operator fora.

Goals and Milestones:

  Aug 04          First Working Group Meeting @ IETF 60 in San Diego
  Sep 04          First draft of Framework Document as Internet Draft
  Mar 05          Submit Framework to IESG

  Aug 05          Submit In-Band management requirements to IESG (BCP)
  Aug 05          Submit Out-of-Band management requirements to IESG (BCP)
  Aug 05          Submit Packet Filtering requirements to IESG (BCP)
  Aug 05          Submit Event Logging Requirements document to IESG (BCP)

  Nov 05          Submit Configuration and Management Interface Requirements to
  IESG  (BCP)
  Nov 05          Submit AAA requirements document to IESG (BCP)
  Nov 05          Submit Documentation and Assurance requirements document to IESG (BCP)
  Nov 05          Submit Miscellaneous requirements document to IESG (BCP)

  Mar 06          Submit ISP Operational Security Requirements Profile (info)
  Mar 06          Submit Large Enterprise Operational Security Requirements Profile
  Mar 06          Submit OPSEC Deliberation Summary document

Internet-Drafts (to be written):

  See schedule above.

Request For Comments:

  None.

Follow-Ups:
- Re: Tin-man charter
  - From: Chris Lonvick <clonvick@cisco.com>

Prev by Date: RE: Straw-man charter
Next by Date: Re: Tin-man charter
Previous by thread: RE: Proposed alternate milestones (Re: Straw-man charter)
Next by thread: Re: Tin-man charter
Index(es):
- Date
- Thread