| draft-ietf-opsec-efforts-09.txt | draft-ietf-opsec-efforts-10.txt | |||
|---|---|---|---|---|
| Network Working Group C. Lonvick | Network Working Group C. Lonvick | |||
| Internet-Draft D. Spak | Internet-Draft D. Spak | |||
| Expires: June 14, 2009 Cisco Systems | Expires: October 15, 2009 Cisco Systems | |||
| December 11, 2008 | April 13, 2009 | |||
| Security Best Practices Efforts and Documents | Security Best Practices Efforts and Documents | |||
| draft-ietf-opsec-efforts-09.txt | draft-ietf-opsec-efforts-10.txt | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, each author represents that any | This Internet-Draft is submitted to IETF in full conformance with the | |||
| applicable patent or other IPR claims of which he or she is aware | provisions of BCP 78 and BCP 79. | |||
| have been or will be disclosed, and any of which he or she becomes | ||||
| aware will be disclosed, in accordance with Section 6 of BCP 79. | ||||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on June 14, 2009. | This Internet-Draft will expire on October 15, 2009. | |||
| Copyright Notice | ||||
| Copyright (c) 2009 IETF Trust and the persons identified as the | ||||
| document authors. All rights reserved. | ||||
| This document is subject to BCP 78 and the IETF Trust's Legal | ||||
| Provisions Relating to IETF Documents in effect on the date of | ||||
| publication of this document (http://trustee.ietf.org/license-info). | ||||
| Please review these documents carefully, as they describe your rights | ||||
| and restrictions with respect to this document. | ||||
| Abstract | Abstract | |||
| This document provides a snapshot of the current efforts to define or | This document provides a snapshot of the current efforts to define or | |||
| apply security requirements in various Standards Developing | apply security requirements in various Standards Developing | |||
| Organizations (SDO). | Organizations (SDO). | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| skipping to change at page 4, line 16 | skipping to change at page 4, line 16 | |||
| 5.21. Catalogue of ITU-T Recommendations related to | 5.21. Catalogue of ITU-T Recommendations related to | |||
| Communications System Security . . . . . . . . . . . . . . 25 | Communications System Security . . . . . . . . . . . . . . 25 | |||
| 5.22. ITU-T Security Manual . . . . . . . . . . . . . . . . . . 25 | 5.22. ITU-T Security Manual . . . . . . . . . . . . . . . . . . 25 | |||
| 5.23. ITU-T NGN Effort . . . . . . . . . . . . . . . . . . . . . 26 | 5.23. ITU-T NGN Effort . . . . . . . . . . . . . . . . . . . . . 26 | |||
| 5.24. NRIC VI Focus Groups . . . . . . . . . . . . . . . . . . . 26 | 5.24. NRIC VI Focus Groups . . . . . . . . . . . . . . . . . . . 26 | |||
| 5.25. OASIS Security Joint Committee . . . . . . . . . . . . . . 26 | 5.25. OASIS Security Joint Committee . . . . . . . . . . . . . . 26 | |||
| 5.26. OASIS Security Services (SAML) TC . . . . . . . . . . . . 27 | 5.26. OASIS Security Services (SAML) TC . . . . . . . . . . . . 27 | |||
| 5.27. OIF Implementation Agreements . . . . . . . . . . . . . . 27 | 5.27. OIF Implementation Agreements . . . . . . . . . . . . . . 27 | |||
| 5.28. TIA . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 | 5.28. TIA . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 | |||
| 5.29. WS-I Basic Security Profile . . . . . . . . . . . . . . . 28 | 5.29. WS-I Basic Security Profile . . . . . . . . . . . . . . . 28 | |||
| 5.30. NIST Special Publications (800 Series) . . . . . . . . . . 28 | ||||
| 5.31. NIST Interagency or Internal Reports (NISTIRs) . . . . . . 28 | ||||
| 5.32. NIST ITL Security Bulletins . . . . . . . . . . . . . . . 28 | ||||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 29 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 29 | |||
| 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 | 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 | |||
| 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31 | 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31 | |||
| 9. Changes from Prior Drafts . . . . . . . . . . . . . . . . . . 32 | 9. Changes from Prior Drafts . . . . . . . . . . . . . . . . . . 32 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35 | |||
| Intellectual Property and Copyright Statements . . . . . . . . . . 36 | ||||
| 1. Introduction | 1. Introduction | |||
| The Internet is being recognized as a critical infrastructure similar | The Internet is being recognized as a critical infrastructure similar | |||
| in nature to the power grid and a potable water supply. Just like | in nature to the power grid and a potable water supply. Just like | |||
| those infrastructures, means are needed to provide resiliency and | those infrastructures, means are needed to provide resiliency and | |||
| adaptability to the Internet so that it remains consistently | adaptability to the Internet so that it remains consistently | |||
| available to the public throughout the world even during times of | available to the public throughout the world even during times of | |||
| duress or attack. For this reason, many SDOs are developing | duress or attack. For this reason, many SDOs are developing | |||
| standards with hopes of retaining an acceptable level, or even | standards with hopes of retaining an acceptable level, or even | |||
| skipping to change at page 29, line 5 | skipping to change at page 28, line 14 | |||
| 5.29. WS-I Basic Security Profile | 5.29. WS-I Basic Security Profile | |||
| http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html | http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html | |||
| The WS-I Basic Security Profile 1.0 consists of a set of non- | The WS-I Basic Security Profile 1.0 consists of a set of non- | |||
| proprietary Web services specifications, along with clarifications | proprietary Web services specifications, along with clarifications | |||
| and amendments to those specifications which promote | and amendments to those specifications which promote | |||
| interoperability. | interoperability. | |||
| 5.30. NIST Special Publications (800 Series) | ||||
| http://csrc.nist.gov/publications/PubsSPs.html | ||||
| Special Publications in the 800 series present documents of general | ||||
| interest to the computer security community. The Special Publication | ||||
| 800 series was established in 1990 to provide a separate identity for | ||||
| information technology security publications. This Special | ||||
| Publication 800 series reports on ITL's research, guidelines, and | ||||
| outreach efforts in computer security, and its collaborative | ||||
| activities with industry, government, and academic organizations. | ||||
| 5.31. NIST Interagency or Internal Reports (NISTIRs) | ||||
| http://csrc.nist.gov/publications/PubsNISTIRs.html | ||||
| NIST Interagency or Internal Reports (NISTIRs) describe research of a | ||||
| technical nature of interest to a specialized audience. The series | ||||
| includes interim or final reports on work performed by NIST for | ||||
| outside sponsors (both government and nongovernment). NISTIRs may | ||||
| also report results of NIST projects of transitory or limited | ||||
| interest, including those that will be published subsequently in more | ||||
| comprehensive form. | ||||
| 5.32. NIST ITL Security Bulletins | ||||
| http://csrc.nist.gov/publications/PubsITLSB.html | ||||
| ITL Bulletins are published by NIST's Information Technology | ||||
| Laboratory, with most bulletins written by the Computer Security | ||||
| Division. These bulletins are published on the average of six times | ||||
| a year. Each bulletin presents an in-depth discussion of a single | ||||
| topic of significant interest to the information systems community. | ||||
| Not all of ITL Bulletins that are published relate to computer / | ||||
| network security. Only the computer security ITL Bulletins are found | ||||
| here. | ||||
| 6. Security Considerations | 6. Security Considerations | |||
| This document describes efforts to standardize security practices and | This document describes efforts to standardize security practices and | |||
| documents. As such this document offers no security guidance | documents. As such this document offers no security guidance | |||
| whatsoever. | whatsoever. | |||
| Readers of this document should be aware of the date of publication | Readers of this document should be aware of the date of publication | |||
| of this document. It is feared that they may assume that the | of this document. It is feared that they may assume that the | |||
| efforts, on-line material, and documents are current whereas they may | efforts, on-line material, and documents are current whereas they may | |||
| not be. Please consider this when reading this document. | not be. Please consider this when reading this document. | |||
| skipping to change at page 34, line 11 | skipping to change at page 34, line 11 | |||
| Updated the date. | Updated the date. | |||
| -08 : Eighth revision of the WG ID. | -08 : Eighth revision of the WG ID. | |||
| Updated the reference to RFC 4949, found by Stephen Kent. | Updated the reference to RFC 4949, found by Stephen Kent. | |||
| -09 : Nineth revision of the WG ID. | -09 : Nineth revision of the WG ID. | |||
| Updated the date. | Updated the date. | |||
| -10 : Tenth revision of the WG ID. | ||||
| Added references to NIST documents, recommended by Steve Wolff. | ||||
| Updated the date. | ||||
| Note: This section will be removed before publication as an RFC. | Note: This section will be removed before publication as an RFC. | |||
| Authors' Addresses | Authors' Addresses | |||
| Chris Lonvick | Chris Lonvick | |||
| Cisco Systems | Cisco Systems | |||
| 12515 Research Blvd. | 12515 Research Blvd. | |||
| Austin, Texas 78759 | Austin, Texas 78759 | |||
| US | US | |||
| skipping to change at page 36, line 4 | skipping to change at line 1346 | |||
| Email: clonvick@cisco.com | Email: clonvick@cisco.com | |||
| David Spak | David Spak | |||
| Cisco Systems | Cisco Systems | |||
| 12515 Research Blvd. | 12515 Research Blvd. | |||
| Austin, Texas 78759 | Austin, Texas 78759 | |||
| US | US | |||
| Phone: +1 512 378 1720 | Phone: +1 512 378 1720 | |||
| Email: dspak@cisco.com | Email: dspak@cisco.com | |||
| Full Copyright Statement | ||||
| Copyright (C) The IETF Trust (2008). | ||||
| This document is subject to the rights, licenses and restrictions | ||||
| contained in BCP 78, and except as set forth therein, the authors | ||||
| retain all their rights. | ||||
| This document and the information contained herein are provided on an | ||||
| "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS | ||||
| OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND | ||||
| THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS | ||||
| OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF | ||||
| THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED | ||||
| WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. | ||||
| Intellectual Property | ||||
| The IETF takes no position regarding the validity or scope of any | ||||
| Intellectual Property Rights or other rights that might be claimed to | ||||
| pertain to the implementation or use of the technology described in | ||||
| this document or the extent to which any license under such rights | ||||
| might or might not be available; nor does it represent that it has | ||||
| made any independent effort to identify any such rights. Information | ||||
| on the procedures with respect to rights in RFC documents can be | ||||
| found in BCP 78 and BCP 79. | ||||
| Copies of IPR disclosures made to the IETF Secretariat and any | ||||
| assurances of licenses to be made available, or the result of an | ||||
| attempt made to obtain a general license or permission for the use of | ||||
| such proprietary rights by implementers or users of this | ||||
| specification can be obtained from the IETF on-line IPR repository at | ||||
| http://www.ietf.org/ipr. | ||||
| The IETF invites any interested party to bring to its attention any | ||||
| copyrights, patents or patent applications, or other proprietary | ||||
| rights that may cover technology that may be required to implement | ||||
| this standard. Please address the information to the IETF at | ||||
| ietf-ipr@ietf.org. | ||||
| End of changes. 9 change blocks. | ||||
| 9 lines changed or deleted | 62 lines changed or added | |||
This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||