--- 1/draft-ietf-opsec-efforts-09.txt	2009-04-14 02:12:04.000000000 +0200
+++ 2/draft-ietf-opsec-efforts-10.txt	2009-04-14 02:12:04.000000000 +0200
@@ -1,43 +1,52 @@
 
 Network Working Group                                         C. Lonvick
 Internet-Draft                                                   D. Spak
-Expires: June 14, 2009                                     Cisco Systems
-                                                       December 11, 2008
+Expires: October 15, 2009                                  Cisco Systems
+                                                          April 13, 2009
 
              Security Best Practices Efforts and Documents
-                    draft-ietf-opsec-efforts-09.txt
+                    draft-ietf-opsec-efforts-10.txt
 
 Status of this Memo
 
-   By submitting this Internet-Draft, each author represents that any
-   applicable patent or other IPR claims of which he or she is aware
-   have been or will be disclosed, and any of which he or she becomes
-   aware will be disclosed, in accordance with Section 6 of BCP 79.
+   This Internet-Draft is submitted to IETF in full conformance with the
+   provisions of BCP 78 and BCP 79.
 
    Internet-Drafts are working documents of the Internet Engineering
    Task Force (IETF), its areas, and its working groups.  Note that
    other groups may also distribute working documents as Internet-
    Drafts.
 
    Internet-Drafts are draft documents valid for a maximum of six months
    and may be updated, replaced, or obsoleted by other documents at any
    time.  It is inappropriate to use Internet-Drafts as reference
    material or to cite them other than as "work in progress."
 
    The list of current Internet-Drafts can be accessed at
    http://www.ietf.org/ietf/1id-abstracts.txt.
 
    The list of Internet-Draft Shadow Directories can be accessed at
    http://www.ietf.org/shadow.html.
 
-   This Internet-Draft will expire on June 14, 2009.
+   This Internet-Draft will expire on October 15, 2009.
+
+Copyright Notice
+
+   Copyright (c) 2009 IETF Trust and the persons identified as the
+   document authors.  All rights reserved.
+
+   This document is subject to BCP 78 and the IETF Trust's Legal
+   Provisions Relating to IETF Documents in effect on the date of
+   publication of this document (http://trustee.ietf.org/license-info).
+   Please review these documents carefully, as they describe your rights
+   and restrictions with respect to this document.
 
 Abstract
 
    This document provides a snapshot of the current efforts to define or
    apply security requirements in various Standards Developing
    Organizations (SDO).
 
 Table of Contents
 
    1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  5
@@ -132,26 +141,28 @@
      5.21. Catalogue of ITU-T Recommendations related to
            Communications System Security . . . . . . . . . . . . . . 25
      5.22. ITU-T Security Manual  . . . . . . . . . . . . . . . . . . 25
      5.23. ITU-T NGN Effort . . . . . . . . . . . . . . . . . . . . . 26
      5.24. NRIC VI Focus Groups . . . . . . . . . . . . . . . . . . . 26
      5.25. OASIS Security Joint Committee . . . . . . . . . . . . . . 26
      5.26. OASIS Security Services (SAML) TC  . . . . . . . . . . . . 27
      5.27. OIF Implementation Agreements  . . . . . . . . . . . . . . 27
      5.28. TIA  . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
      5.29. WS-I Basic Security Profile  . . . . . . . . . . . . . . . 28
+     5.30. NIST Special Publications (800 Series) . . . . . . . . . . 28
+     5.31. NIST Interagency or Internal Reports (NISTIRs) . . . . . . 28
+     5.32. NIST ITL Security Bulletins  . . . . . . . . . . . . . . . 28
    6.  Security Considerations  . . . . . . . . . . . . . . . . . . . 29
    7.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 30
    8.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 31
    9.  Changes from Prior Drafts  . . . . . . . . . . . . . . . . . . 32
    Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35
-   Intellectual Property and Copyright Statements . . . . . . . . . . 36
 
 1.  Introduction
 
    The Internet is being recognized as a critical infrastructure similar
    in nature to the power grid and a potable water supply.  Just like
    those infrastructures, means are needed to provide resiliency and
    adaptability to the Internet so that it remains consistently
    available to the public throughout the world even during times of
    duress or attack.  For this reason, many SDOs are developing
    standards with hopes of retaining an acceptable level, or even
@@ -1134,20 +1145,57 @@
 
 5.29.  WS-I Basic Security Profile
 
    http://www.ws-i.org/Profiles/BasicSecurityProfile-1.0.html
 
    The WS-I Basic Security Profile 1.0 consists of a set of non-
    proprietary Web services specifications, along with clarifications
    and amendments to those specifications which promote
    interoperability.
 
+5.30.  NIST Special Publications (800 Series)
+
+   http://csrc.nist.gov/publications/PubsSPs.html
+
+   Special Publications in the 800 series present documents of general
+   interest to the computer security community.  The Special Publication
+   800 series was established in 1990 to provide a separate identity for
+   information technology security publications.  This Special
+   Publication 800 series reports on ITL's research, guidelines, and
+   outreach efforts in computer security, and its collaborative
+   activities with industry, government, and academic organizations.
+
+5.31.  NIST Interagency or Internal Reports (NISTIRs)
+
+   http://csrc.nist.gov/publications/PubsNISTIRs.html
+
+   NIST Interagency or Internal Reports (NISTIRs) describe research of a
+   technical nature of interest to a specialized audience.  The series
+   includes interim or final reports on work performed by NIST for
+   outside sponsors (both government and nongovernment).  NISTIRs may
+   also report results of NIST projects of transitory or limited
+   interest, including those that will be published subsequently in more
+   comprehensive form.
+
+5.32.  NIST ITL Security Bulletins
+
+   http://csrc.nist.gov/publications/PubsITLSB.html
+
+   ITL Bulletins are published by NIST's Information Technology
+   Laboratory, with most bulletins written by the Computer Security
+   Division.  These bulletins are published on the average of six times
+   a year.  Each bulletin presents an in-depth discussion of a single
+   topic of significant interest to the information systems community.
+   Not all of ITL Bulletins that are published relate to computer /
+   network security.  Only the computer security ITL Bulletins are found
+   here.
+
 6.  Security Considerations
 
    This document describes efforts to standardize security practices and
    documents.  As such this document offers no security guidance
    whatsoever.
 
    Readers of this document should be aware of the date of publication
    of this document.  It is feared that they may assume that the
    efforts, on-line material, and documents are current whereas they may
    not be.  Please consider this when reading this document.
@@ -1262,20 +1310,25 @@
       Updated the date.
 
    -08 : Eighth revision of the WG ID.
 
       Updated the reference to RFC 4949, found by Stephen Kent.
 
    -09 : Nineth revision of the WG ID.
 
       Updated the date.
 
+   -10 : Tenth revision of the WG ID.
+
+      Added references to NIST documents, recommended by Steve Wolff.
+      Updated the date.
+
    Note: This section will be removed before publication as an RFC.
 
 Authors' Addresses
 
    Chris Lonvick
    Cisco Systems
    12515 Research Blvd.
    Austin, Texas  78759
    US
 
@@ -1283,50 +1336,10 @@
    Email: clonvick@cisco.com
 
    David Spak
    Cisco Systems
    12515 Research Blvd.
    Austin, Texas  78759
    US
 
    Phone: +1 512 378 1720
    Email: dspak@cisco.com
-
-Full Copyright Statement
-
-   Copyright (C) The IETF Trust (2008).
-
-   This document is subject to the rights, licenses and restrictions
-   contained in BCP 78, and except as set forth therein, the authors
-   retain all their rights.
-
-   This document and the information contained herein are provided on an
-   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
-   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
-   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
-   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
-   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
-   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Intellectual Property
-
-   The IETF takes no position regarding the validity or scope of any
-   Intellectual Property Rights or other rights that might be claimed to
-   pertain to the implementation or use of the technology described in
-   this document or the extent to which any license under such rights
-   might or might not be available; nor does it represent that it has
-   made any independent effort to identify any such rights.  Information
-   on the procedures with respect to rights in RFC documents can be
-   found in BCP 78 and BCP 79.
-
-   Copies of IPR disclosures made to the IETF Secretariat and any
-   assurances of licenses to be made available, or the result of an
-   attempt made to obtain a general license or permission for the use of
-   such proprietary rights by implementers or users of this
-   specification can be obtained from the IETF on-line IPR repository at
-   http://www.ietf.org/ipr.
-
-   The IETF invites any interested party to bring to its attention any
-   copyrights, patents or patent applications, or other proprietary
-   rights that may cover technology that may be required to implement
-   this standard.  Please address the information to the IETF at
-   ietf-ipr@ietf.org.