I've published an Internet Draft on "Security Requirements for Devices Implementing IP".
You can view it at:
http://www.ietf.org/internet-drafts/draft-jones-opsec-00.txt
This is an outgrowth of a document used by UUNET (my former employer) to sanity check/security qualify equipment for connection to the backbone.
The point of publishing the document is to start discussion. There is a mailing
list set up: [EMAIL PROTECTED] Subscribe by sending a message to
"[EMAIL PROTECTED]" with "subscribe opsec" in the body.
The point of the document is to create a useful list that network operators can use to communicate their securtiy requirements to vendors.
Please have a look and comment.
Thanks, ---George Jones
