[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bronze charter
Here's the current state of the charter. I've listed people who have
volunteered to write various drafts below in []. Speak up if I've
missed someone or if you're willing to work on something else.
Multiple authors are not a problem.
I'm Open for suggestions for the next metal :-)
---George Jones
----------------------------------snip----------------------------
Operational Security Requirements for IP Network Infrastructure (opsec) Charter
Last Modified: 2004-06-24
Chairs:
Ross Callon <rcallon@juniper.net>
Operations and Management Area Director(s):
Bert Wijnen <bwijnen@lucent.com>
David Kessens <david.kessens@nokia.com>
Operations and Management Area Advisor:
David Kessens <david.kessens@nokia.com>
Security Area Director(s):
Russell Housley <housley@vigilsec.com>
Steven Bellovin <smb@research.att.com>
Security Area Advisor:
Steven Bellovin <smb@research.att.com>
Mailing Lists:
General Discussion: opsec@ops.ietf.org
To Subscribe: opsec-request@ops.ietf.org
In Body: subscribe
Archive: http://ops.ietf.org/lists/opsec/
Description of Working Group:
Goals
The goal of the Operational Security Working Group is to codify
knowledge about feature sets that are required to securely deploy
and operate managed network elements providing transit services at
OSI layers 2 and 3.
Scope
The working group will produce requirements appropriate for:
* Internet Service Provider (ISP) Networks
* Enterprise Networks
The following areas are excluded from the charter at this time:
* Wireless devices
* SOHO devices
* Security devices (firewalls, IDS, Authentication Servers)
* Hosts
Methods
A framework document will be produced describing the scope,
format, intended use and sequence of future documents. A series of
BCP documents will be produced covering various areas of security
management functionality. Profiles documents will be produced,
citing the BCPs, which list the requirements relevant to different
operating environments. Profiles might list different requirements
for devices in different roles: core, edge, peering, aggregation,
access, etc.
http://www.ietf.org/internet-drafts/draft-jones-opsec-06.txt will
be used as a jumping off point.
Much of the operational security knowledge that needs to be
codified resides with operators. In order to access their
knowledge and reach the working group goal, informal BoFs will be
held at relevant operator fora.
Goals and Milestones:
Aug 04 First Working Group Meeting @ IETF 60 in San Diego
Sep 04 First draft of Framework Document as Internet Draft
[Callon, Kaeo, Jones]
Sep 04 First draft of Standards Survey Document as Internet Draft
[Lonvick,Spak]
Mar 05 Submit Framework to IESG (info)
Mar 05 Submit Standards Survey to IESG (info)
Aug 05 Submit In-Band management requirements to IESG (BCP)
[Budd]
Aug 05 Submit Out-of-Band management requirements to IESG (BCP)
[Budd]
Aug 05 Submit Packet Filtering requirements to IESG (BCP)
[Callon,Budd]
Aug 05 Submit Event Logging Requirements document to IESG (BCP)
[Kaeo]
Nov 05 Submit Configuration and Management Interface Requirements to
IESG (BCP)
[Kaeo]
Nov 05 Submit AAA requirements document to IESG (BCP)
[Budd]
Nov 05 Submit Documentation and Assurance requirements document to IESG (BCP)
Nov 05 Submit Miscellaneous requirements document to IESG (BCP)
Mar 06 Submit ISP Operational Security Requirements Profile (info)
Mar 06 Submit Large Enterprise Operational Security Requirements Profile
Mar 06 Submit OPSEC Deliberation Summary document
Internet-Drafts (to be written):
See schedule above.
Request For Comments:
None.