--- 1/draft-ietf-opsec-efforts-19.txt 2013-04-13 14:05:35.111708730 +0200 +++ 2/draft-ietf-opsec-efforts-20.txt 2013-04-13 14:05:35.171708940 +0200 @@ -1,18 +1,18 @@ Network Working Group C. Lonvick Internet-Draft D. Spak Intended status: Informational Cisco Systems -Expires: April 20, 2013 October 17, 2012 +Expires: October 15, 2013 April 13, 2013 Security Best Practices Efforts and Documents - draft-ietf-opsec-efforts-19.txt + draft-ietf-opsec-efforts-20.txt Abstract This document provides a snapshot of the current efforts to define or apply security requirements in various Standards Developing Organizations (SDO). Status of this Memo This Internet-Draft is submitted in full conformance with the @@ -21,25 +21,25 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on April 20, 2013. + This Internet-Draft will expire on October 15, 2013. Copyright Notice - Copyright (c) 2012 IETF Trust and the persons identified as the + Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as @@ -50,20 +50,21 @@ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Format of this Document . . . . . . . . . . . . . . . . . . . 6 3. Online Security Glossaries . . . . . . . . . . . . . . . . . . 7 3.1. ATIS Telecom Glossary 2007 . . . . . . . . . . . . . . . . 7 3.2. Internet Security Glossary - RFC 4949 . . . . . . . . . . 7 3.3. Compendium of Approved ITU-T Security Definitions . . . . 7 3.4. Microsoft Malware Protection Center . . . . . . . . . . . 8 3.5. SANS Glossary of Security Terms . . . . . . . . . . . . . 8 3.6. Security Taxonomy and Glossary - Anne & Lynn Wheeler . . . 8 3.7. NIST - Glossary of Key Information Security Terms . . . . 8 + 3.8. RSA Information Security Glossary . . . . . . . . . . . . 9 4. Standards Developing Organizations . . . . . . . . . . . . . . 10 4.1. 3GPP - Third Generation Partnership Project . . . . . . . 10 4.2. 3GPP2 - Third Generation Partnership Project 2 . . . . . . 10 4.3. ANSI - The American National Standards Institute . . . . . 11 4.3.1. Accredited Standards Committee X9 (ASC X9) . . . . . . 11 4.4. ATIS - Alliance for Telecommunications Industry Solutions . . . . . . . . . . . . . . . . . . . . . . . . 11 4.4.1. ATIS NPRQ - Network Performance, Reliability, and Quality of Service Committee, formerly T1A1 . . . . . 12 4.4.2. ATIS TMOC - Telecom Management and Operations @@ -258,21 +260,22 @@ Recommendations with a view toward establishing a common understanding and use of security terms within ITU-T. The original Compendium was compiled by SG 17, Lead Study Group on Communication Systems Security (LSG-CSS). http://www.itu.int/itudoc/itu-t/com17/activity/def004.html Date published: 2003 3.4. Microsoft Malware Protection Center - http://www.microsoft.com/security/glossary.mspx + http://www.microsoft.com/security/portal/threat/encyclopedia/ + glossary.aspx The Microsoft Malware Protection Center, Threat Research and Response Glossary was created to explain the concepts, technologies, and products associated with computer security. Date published: indeterminate 3.5. SANS Glossary of Security Terms http://www.sans.org/security-resources/glossary-of-terms/ @@ -307,21 +310,33 @@ This glossary of basic security terms has been extracted from NIST Federal Information Processing Standards (FIPS) and the Special Publication (SP) 800 series. The terms included are not all inclusive of terms found in these publications, but are a subset of basic terms that are most frequently used. The purpose of this glossary is to provide a central resource of definitions most commonly used in NIST security publications. Date originally published: April 2006 - Date of this update: February 2100 + Date of this update: February 2010 + +3.8. RSA Information Security Glossary + + http://www.rsa.com/glossary/ + + Welcome to the RSA Security Information Security Glossary. This + glossary is offered as an aid to understanding current concepts and + initiatives in the realm of Information Security. The terms were + chosen based on their importance in understanding the solutions, + services and products that RSA security provides for its customers. + + Date originally published: 2005 4. Standards Developing Organizations This section of this document lists the SDOs, or organizations that appear to be developing security related standards. These SDOs are listed in alphabetical order. Note: The authors would appreciate corrections and additions. This note will be removed before publication as an RFC. @@ -1580,20 +1595,25 @@ -18 : Eighteenth revision of the WG ID. Updated the date and reviewed the accuracy of Section 4. Some changes made. -19 : Ninteenth revision of the WG ID. Updated the date and reviewed the accuracy of Section 5. Some changes made. + -20 : Twentieth revision of the WG ID. + + Updated the date and reviewed the accuracy of Section 3. Some + changes made. + Note: This section will be removed before publication as an RFC. Authors' Addresses Chris Lonvick Cisco Systems 12515 Research Blvd. Austin, Texas 78759 US