I agree with the updated charter as presented below. Please consider removing the following minor cut/paste error:
> > Informational or Best Current Practices Documents > > For each topic addressed, the working group will produce a document that > captures common practices related to secure network operation. -will be > produced-. This will be primarily based on operational experience. A > document might convey: EDIT: Remove " will be produced." - Dave Dugal On 10/15/2013 12:52 PM, The IESG <[email protected]> proclaimed ... > The Operational Security Capabilities for IP Network Infrastructure > (opsec) working group in the Operations and Management Area of the IETF > is undergoing rechartering. The IESG has not made any determination yet. > The following draft charter was submitted, and is provided for > informational purposes only. Please send your comments to the IESG > mailing list (iesg at ietf.org) by 2013-10-22. > > Operational Security Capabilities for IP Network Infrastructure (opsec) > ------------------------------------------------ > Current Status: Active WG > > Chairs: > Warren Kumari <[email protected]> > Gunter Van de Velde <[email protected]> > KK Chittimaneni <[email protected]> > > Assigned Area Director: > Joel Jaeggli <[email protected]> > > Mailing list > Address: [email protected] > To Subscribe: https://www.ietf.org/mailman/listinfo/opsec > Archive: http://www.ietf.org/mail-archive/web/opsec/ > > Charter: > > Goals: > > The OPSEC WG will document operational issues and best current practices > with regard to network security.In particular, the working group will > clarify the rationale of supporting current operational practice, > addressing gaps in currently understood best practices, and clarifying > liabilities inherent in security practices where they exist. > > Scope: > > The scope of the OPSEC WG includes the protection and secure operation > of the forwarding, control and management planes. Documentation of > operational issues, revision of existing operational security practices > documents and proposals for new approaches to operational challenges > related to network security are in scope. > > Method: > > The work will result in the publication of informational or BCP RFCs. > Taxonomy or problem statement documents may provide a basis for such > documents. > > Informational or Best Current Practices Documents > > For each topic addressed, the working group will produce a document that > captures common practices related to secure network operation. will be > produced. This will be primarily based on operational experience. A > document might convey: > > * a threat or threats to be addressed > > * current practices for addressing the threat > > * protocols, tools and technologies extant at the time of writing that > are used to address the threat > > * the possibility that a solution does not exist within existing tools or > technologies > > Taxonomy and Problem Statement Documents > > These are documents that describe the scope of particular operational > security challenges or problem spaces without necessarily coming to > conclusions or proposing solutions. Such a document might be the > precusor to an informational or best current practices document. > > While the principal input of the working group is operational experience > and needs, the output should be directed towards providing guidance to > the operators community, other working groups that develop protocols or > the protocol development community. > > Non-Goals: > > The OPSEC WG is will not write or modify protocols. New protocol work > must be addressed through a working group chartered for that work, or > via one of the individual submission processes. The OPSEC WG may take on > documents related to the practices of using such work. > > > > Milestones: > Done - Complete Charter > Done - First draft of Framework Document as Internet Draft > Done - First draft of Standards Survey Document as Internet Draft > Done - First draft of Packet Filtering Capabilities > Done - First draft of Event Logging Capabilities > Done - First draft of Network Operator Current Security Practices > Done - First draft of In-Band management capabilities > Done - First draft of Out-of-Band management capabilities > Done - First draft of Configuration and Management Interface > Capabilities > Done - Submit Network Operator Current Security Practices to IESG > Dec 2012 - WG Adoption of 'BGP operations and security' document > Dec 2012 - WG Adoption of 'Network Reconnaissance in IPv6 Networks' > document > Dec 2012 - WG Adoption of 'DHCPv6-Shield: Protecting Against Rogue > DHCPv6 Servers' document > Dec 2012 - WG Adoption of 'Virtual Private Network (VPN) traffic > leakages in dual-stack hosts/networks' document > Jan 2013 - WG Last Call for 'Operational Security Considerations for > IPv6 Networks' document > Jan 2013 - WG Last Call for 'Recommendations for filtering ICMP > messages' document > Jan 2013 - WG Last Call for 'Recommendations on filtering of IPv4 > packets containing IPv4 options' document > Jan 2013 - WG Last Call for 'Security Implications of IPv6 on IPv4 > networks' document > Mar 2013 - WG Last Call for 'Using Only Link-Local Addressing Inside an > IPv6 Network' document > Mar 2013 - Submit 'Recommendations for filtering ICMP messages' > document to IESG > Mar 2013 - Submit 'Recommendations on filtering of IPv4 packets > containing IPv4 options' document to IESG > Mar 2013 - Submit 'Operational Security Considerations for IPv6 > Networks' document to IESG > Mar 2013 - Submit 'Recommendations for filtering ICMP messages' > document to IESG > May 2013 - Submit 'Using Only Link-Local Addressing Inside an IPv6 > Network' document to IESG > Jul 2013 - WG Last Call for 'BGP operations and security' document > Jul 2013 - WG Last Call for 'Network Reconnaissance in IPv6 Networks' > document > Jul 2013 - WG Last Call for 'DHCPv6-Shield: Protecting Against Rogue > DHCPv6 Servers' document > Jul 2013 - WG Last Call for 'Virtual Private Network (VPN) traffic > leakages in dual-stack hosts/networks' document > Sep 2013 - Submit 'BGP operations and security' document to IESG > Sep 2013 - Submit 'Network Reconnaissance in IPv6 Networks' document to > IESG > Sep 2013 - Submit 'DHCPv6-Shield: Protecting Against Rogue DHCPv6 > Servers' document to IESG > > > _______________________________________________ > OPSEC mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsec > > > . > _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
