draft-ietf-opsec-efforts-18.txt		draft-ietf-opsec-efforts-19.txt
	Network Working Group C. Lonvick		Network Working Group C. Lonvick
	Internet-Draft D. Spak		Internet-Draft D. Spak
	Intended status: Informational Cisco Systems		Intended status: Informational Cisco Systems
	Expires: October 20, 2012 April 18, 2012		Expires: April 20, 2013 October 17, 2012
	Security Best Practices Efforts and Documents		Security Best Practices Efforts and Documents
	draft-ietf-opsec-efforts-18.txt		draft-ietf-opsec-efforts-19.txt
	Abstract		Abstract
	This document provides a snapshot of the current efforts to define or		This document provides a snapshot of the current efforts to define or
	apply security requirements in various Standards Developing		apply security requirements in various Standards Developing
	Organizations (SDO).		Organizations (SDO).
	Status of this Memo		Status of this Memo
	This Internet-Draft is submitted in full conformance with the		This Internet-Draft is submitted in full conformance with the
	skipping to change at page 1, line 32		skipping to change at page 1, line 32
	Internet-Drafts are working documents of the Internet Engineering		Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF). Note that other groups may also distribute		Task Force (IETF). Note that other groups may also distribute
	working documents as Internet-Drafts. The list of current Internet-		working documents as Internet-Drafts. The list of current Internet-
	Drafts is at http://datatracker.ietf.org/drafts/current/.		Drafts is at http://datatracker.ietf.org/drafts/current/.
	Internet-Drafts are draft documents valid for a maximum of six months		Internet-Drafts are draft documents valid for a maximum of six months
	and may be updated, replaced, or obsoleted by other documents at any		and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference		time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."		material or to cite them other than as "work in progress."
	This Internet-Draft will expire on October 20, 2012.		This Internet-Draft will expire on April 20, 2013.
	Copyright Notice		Copyright Notice
	Copyright (c) 2012 IETF Trust and the persons identified as the		Copyright (c) 2012 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(http://trustee.ietf.org/license-info) in effect on the date of		(http://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	skipping to change at page 3, line 41		skipping to change at page 3, line 41
	5.9. ITU-T Study Group 2 . . . . . . . . . . . . . . . . . . . 28		5.9. ITU-T Study Group 2 . . . . . . . . . . . . . . . . . . . 28
	5.10. ITU-T Study Group 17 . . . . . . . . . . . . . . . . . . . 28		5.10. ITU-T Study Group 17 . . . . . . . . . . . . . . . . . . . 28
	5.11. NRIC VII Focus Groups . . . . . . . . . . . . . . . . . . 30		5.11. NRIC VII Focus Groups . . . . . . . . . . . . . . . . . . 30
	5.12. OASIS Security Technical Committees . . . . . . . . . . . 31		5.12. OASIS Security Technical Committees . . . . . . . . . . . 31
	5.13. OIF Implementation Agreements . . . . . . . . . . . . . . 31		5.13. OIF Implementation Agreements . . . . . . . . . . . . . . 31
	5.14. TIA - Critical Infrastructure Protection (CIP) and		5.14. TIA - Critical Infrastructure Protection (CIP) and
	Homeland Security (HS) . . . . . . . . . . . . . . . . . . 31		Homeland Security (HS) . . . . . . . . . . . . . . . . . . 31
	5.15. NIST Special Publications (800 Series) . . . . . . . . . . 32		5.15. NIST Special Publications (800 Series) . . . . . . . . . . 32
	5.16. NIST Interagency or Internal Reports (NISTIRs) . . . . . . 32		5.16. NIST Interagency or Internal Reports (NISTIRs) . . . . . . 32
	5.17. NIST ITL Security Bulletins . . . . . . . . . . . . . . . 32		5.17. NIST ITL Security Bulletins . . . . . . . . . . . . . . . 32
	5.18. SANS Information Security Reading Room . . . . . . . . . . 33		5.18. SANS Information Security Reading Room . . . . . . . . . . 32
	6. Security Considerations . . . . . . . . . . . . . . . . . . . 34		6. Security Considerations . . . . . . . . . . . . . . . . . . . 34
	7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35		7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35
	8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 36		8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 36
	9. Changes from Prior Drafts . . . . . . . . . . . . . . . . . . 37		9. Changes from Prior Drafts . . . . . . . . . . . . . . . . . . 37
	Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 41		Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 41
	1. Introduction		1. Introduction
	The Internet is being recognized as a critical infrastructure similar		The Internet is being recognized as a critical infrastructure similar
	in nature to the power grid and a potable water supply. Just like		in nature to the power grid and a potable water supply. Just like
	skipping to change at page 22, line 30		skipping to change at page 22, line 30
	Security Telecommunications Advisory Committee (NSTAC) mission is to		Security Telecommunications Advisory Committee (NSTAC) mission is to
	provide the U.S. Government the best possible industry advice in		provide the U.S. Government the best possible industry advice in
	these areas.		these areas.
	4.17. TIA - The Telecommunications Industry Association		4.17. TIA - The Telecommunications Industry Association
	http://www.tiaonline.org/		http://www.tiaonline.org/
	The Telecommunications Industry Association (TIA) is the leading		The Telecommunications Industry Association (TIA) is the leading
	trade association representing the global information and		trade association representing the global information and
	communications technology (ICT) industries through standards		communications technology (ICT) industry through Standards
	development, government affairs, business opportunities, market		development, Policy initiatives, business opportunities, market
	intelligence, certification and world-wide environmental regulatory		intelligence and networking events. With support from hundreds of
	compliance. With support from its 600 members, TIA enhances the		members, TIA enhances the business environment for companies involved
	business environment for companies involved in telecommunications,		in telecom, broadband, mobile wireless, information technology,
	broadband, mobile wireless, information technology, networks, cable,		networks, cable, satellite, unified communications, emergency
	satellite, unified communications, emergency communications and the		communications and the greening of technology. TIA is accredited by
	greening of technology. TIA is accredited by ANSI.		ANSI.
	4.17.1. APCO Project 25 Public Safety Standards		4.17.1. APCO Project 25 Public Safety Standards
	http://www.tiaonline.org/all-standards/committees/tr-8		http://www.tiaonline.org/all-standards/committees/tr-8
	Recognizing the need for common standards for first responders and		Recognizing the need for common standards for first responders and
	homeland security/emergency response professionals, representatives		homeland security/emergency response professionals, representatives
	from the Association of Public Safety Communications Officials		from the Association of Public Safety Communications Officials
	International (APCO), the National Association of State		International (APCO), the National Association of State
	Telecommunications Directors (NASTD), selected federal agencies and		Telecommunications Directors (NASTD), selected federal agencies and
	skipping to change at page 31, line 51		skipping to change at page 31, line 51
	(September 2003)		(September 2003)
	http://www.oiforum.com/public/documents/SecurityMgmt-IA.pdf		http://www.oiforum.com/public/documents/SecurityMgmt-IA.pdf
	OIF-SMI-02.1 - Addendum to the Security for Management Interfaces to		OIF-SMI-02.1 - Addendum to the Security for Management Interfaces to
	Network Elements (March 2006)		Network Elements (March 2006)
	http://www.oiforum.com/public/documents/OIF-SMI-02_1.pdf		http://www.oiforum.com/public/documents/OIF-SMI-02_1.pdf
	5.14. TIA - Critical Infrastructure Protection (CIP) and Homeland		5.14. TIA - Critical Infrastructure Protection (CIP) and Homeland
	Security (HS)		Security (HS)
	This TIA webpage identifies and links to many standards, other		The TIA Cybersecurity Working Group advocates public policy positions
	technical documents and ongoing activity involving or supporting		related to the security of ICT equipment and services from a vendor
	TIA's role in Public Safety and Homeland Security, Network Security,		perspective as it relates to critical infrastructure, supply chain
	Critical Infrastructure Protection and Assurance, National Security/		and information sharing.
	Emergency Preparedness, Emergency Communications Services, Emergency
	Calling and Location Identification Services, and the Needs of First
	Responders.
	http://www.tiaonline.org/standards/technology/ciphs/		http://www.tiaonline.org/policy/cybersecurity
	5.15. NIST Special Publications (800 Series)		5.15. NIST Special Publications (800 Series)
	http://csrc.nist.gov/publications/PubsSPs.html		http://csrc.nist.gov/publications/PubsSPs.html
	Special Publications in the 800 series present documents of general		Special Publications in the 800 series present documents of general
	interest to the computer security community. The Special Publication		interest to the computer security community. The Special Publication
	800 series was established in 1990 to provide a separate identity for		800 series was established in 1990 to provide a separate identity for
	information technology security publications. This Special		information technology security publications. This Special
	Publication 800 series reports on ITL's research, guidelines, and		Publication 800 series reports on ITL's research, guidelines, and
	skipping to change at page 33, line 9		skipping to change at page 32, line 51
	a year. Each bulletin presents an in-depth discussion of a single		a year. Each bulletin presents an in-depth discussion of a single
	topic of significant interest to the information systems community.		topic of significant interest to the information systems community.
	Not all of ITL Bulletins that are published relate to computer /		Not all of ITL Bulletins that are published relate to computer /
	network security. Only the computer security ITL Bulletins are found		network security. Only the computer security ITL Bulletins are found
	here.		here.
	5.18. SANS Information Security Reading Room		5.18. SANS Information Security Reading Room
	http://www.sans.org/reading_room/		http://www.sans.org/reading_room/
	Featuring over 1,885 original computer security white papers in 75		Featuring over 1,969 original computer security white papers in 77
	different categories.		different categories
	Most of the computer security white papers in the Reading Room have		Most of the computer security white papers in the Reading Room have
	been written by students seeking GIAC certification to fulfill part		been written by students seeking GIAC certification to fulfill part
	of their certification requirements and are provided by SANS as a		of their certification requirements and are provided by SANS as a
	resource to benefit the security community at large. SANS attempts		resource to benefit the security community at large. SANS attempts
	to ensure the accuracy of information, but papers are published "as		to ensure the accuracy of information, but papers are published "as
	is". Errors or inconsistencies may exist or may be introduced over		is". Errors or inconsistencies may exist or may be introduced over
	time as material becomes dated.		time as material becomes dated.
	6. Security Considerations		6. Security Considerations
	skipping to change at page 40, line 22		skipping to change at page 40, line 22
	-17 : Seventeenth revision of the WG ID.		-17 : Seventeenth revision of the WG ID.
	Updated the date and reviewed the accuracy of Section 3. A couple		Updated the date and reviewed the accuracy of Section 3. A couple
	of changes made.		of changes made.
	-18 : Eighteenth revision of the WG ID.		-18 : Eighteenth revision of the WG ID.
	Updated the date and reviewed the accuracy of Section 4. Some		Updated the date and reviewed the accuracy of Section 4. Some
	changes made.		changes made.
			-19 : Ninteenth revision of the WG ID.
			Updated the date and reviewed the accuracy of Section 5. Some
			changes made.
	Note: This section will be removed before publication as an RFC.		Note: This section will be removed before publication as an RFC.
	Authors' Addresses		Authors' Addresses
	Chris Lonvick		Chris Lonvick
	Cisco Systems		Cisco Systems
	12515 Research Blvd.		12515 Research Blvd.
	Austin, Texas 78759		Austin, Texas 78759
	US		US
End of changes. 9 change blocks.
	22 lines changed or deleted		24 lines changed or added
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/