
First cut at capabilities doc template



Merike and I have talked things over and I think we've got the split
between the operator practice survey doc and the individual
capabilities documents worked out in principle. The Abstract
below is a swag at capturing the split. Please review and comment.
I've recast one of the rfc3781 requirements as a capability to show
the style of the capabilities. Note that there is no justification
with the capability other than to cite practices supported.
The threat model, attacks, justification, etc. will live in the
framework and survey docs (Merike has all the hard work!)

Once we agree on the format/split, I think the individual capabilities
docs can flow pretty quickly.

---George

--------------------------------------cut here----------------------------------------------

Abstract

   CITE-OPERATOR-SURVEY-RFC lists operator practices related to securing
   networks.  This document lists filtering capabilities needed to
   support those practices.

   Capabilities are defined without reference to specific technologies.
   This is done to leave room for deployment of new technologies that
   implement the capability.  Where current technology exists that
   implements the capability, it is cited in the "current
   implementations" subsections.

   CITE-OPERATOR-SURVEY-RFC defines the threat model, potential attacks
   and gives justifications for each of the practices.  This document
   does not justify the need for capabilities other than to cite the
   practice(s) they support.

   Capabilities may or may not be requirements.  That is a local
   determination that must be made by each operator with reference to
   the policies that they must support.  It is hoped that this document,
   together with CITE-OPERATOR-SURVEY-RFC, will assist operators in
   identifying their security capability requirements and communicating
   them clearly to vendors.

.
.
.

1.2.3 Ability to Display Filter Counters

   Capability.

      The device provides a mechanism to display filter counters.

   Practices Supported.

      *  Detecting Malicious Traffic (RFCxxxx Section 1.2.3)
      *  Profiling Malicious Traffic (RFCxxxx Section 1.2.4)

   Current Implementations.

      *  CLI interface to display filter counters for individual
         filters.