On Oct 15, 2013, at 10:12 PM, Dave Dugal <[email protected]> wrote: > I agree with the updated charter as presented below. > > Please consider removing the following minor cut/paste error: > >> >> Informational or Best Current Practices Documents >> >> For each topic addressed, the working group will produce a document that >> captures common practices related to secure network operation. -will be >> produced-. This will be primarily based on operational experience. A >> document might convey: > > EDIT: Remove " will be produced."
Ah-ha! That was a cunning trick to see if anyone was actually reading the text -- guess they were. (AKA, thank you, not sure where that climbed in…) W > > - Dave Dugal > > On 10/15/2013 12:52 PM, The IESG <[email protected]> proclaimed ... >> The Operational Security Capabilities for IP Network Infrastructure >> (opsec) working group in the Operations and Management Area of the IETF >> is undergoing rechartering. The IESG has not made any determination yet. >> The following draft charter was submitted, and is provided for >> informational purposes only. Please send your comments to the IESG >> mailing list (iesg at ietf.org) by 2013-10-22. >> >> Operational Security Capabilities for IP Network Infrastructure (opsec) >> ------------------------------------------------ >> Current Status: Active WG >> >> Chairs: >> Warren Kumari <[email protected]> >> Gunter Van de Velde <[email protected]> >> KK Chittimaneni <[email protected]> >> >> Assigned Area Director: >> Joel Jaeggli <[email protected]> >> >> Mailing list >> Address: [email protected] >> To Subscribe: https://www.ietf.org/mailman/listinfo/opsec >> Archive: http://www.ietf.org/mail-archive/web/opsec/ >> >> Charter: >> >> Goals: >> >> The OPSEC WG will document operational issues and best current practices >> with regard to network security.In particular, the working group will >> clarify the rationale of supporting current operational practice, >> addressing gaps in currently understood best practices, and clarifying >> liabilities inherent in security practices where they exist. >> >> Scope: >> >> The scope of the OPSEC WG includes the protection and secure operation >> of the forwarding, control and management planes. Documentation of >> operational issues, revision of existing operational security practices >> documents and proposals for new approaches to operational challenges >> related to network security are in scope. >> >> Method: >> >> The work will result in the publication of informational or BCP RFCs. >> Taxonomy or problem statement documents may provide a basis for such >> documents. >> >> Informational or Best Current Practices Documents >> >> For each topic addressed, the working group will produce a document that >> captures common practices related to secure network operation. will be >> produced. This will be primarily based on operational experience. A >> document might convey: >> >> * a threat or threats to be addressed >> >> * current practices for addressing the threat >> >> * protocols, tools and technologies extant at the time of writing that >> are used to address the threat >> >> * the possibility that a solution does not exist within existing tools or >> technologies >> >> Taxonomy and Problem Statement Documents >> >> These are documents that describe the scope of particular operational >> security challenges or problem spaces without necessarily coming to >> conclusions or proposing solutions. Such a document might be the >> precusor to an informational or best current practices document. >> >> While the principal input of the working group is operational experience >> and needs, the output should be directed towards providing guidance to >> the operators community, other working groups that develop protocols or >> the protocol development community. >> >> Non-Goals: >> >> The OPSEC WG is will not write or modify protocols. New protocol work >> must be addressed through a working group chartered for that work, or >> via one of the individual submission processes. The OPSEC WG may take on >> documents related to the practices of using such work. >> >> >> >> Milestones: >> Done - Complete Charter >> Done - First draft of Framework Document as Internet Draft >> Done - First draft of Standards Survey Document as Internet Draft >> Done - First draft of Packet Filtering Capabilities >> Done - First draft of Event Logging Capabilities >> Done - First draft of Network Operator Current Security Practices >> Done - First draft of In-Band management capabilities >> Done - First draft of Out-of-Band management capabilities >> Done - First draft of Configuration and Management Interface >> Capabilities >> Done - Submit Network Operator Current Security Practices to IESG >> Dec 2012 - WG Adoption of 'BGP operations and security' document >> Dec 2012 - WG Adoption of 'Network Reconnaissance in IPv6 Networks' >> document >> Dec 2012 - WG Adoption of 'DHCPv6-Shield: Protecting Against Rogue >> DHCPv6 Servers' document >> Dec 2012 - WG Adoption of 'Virtual Private Network (VPN) traffic >> leakages in dual-stack hosts/networks' document >> Jan 2013 - WG Last Call for 'Operational Security Considerations for >> IPv6 Networks' document >> Jan 2013 - WG Last Call for 'Recommendations for filtering ICMP >> messages' document >> Jan 2013 - WG Last Call for 'Recommendations on filtering of IPv4 >> packets containing IPv4 options' document >> Jan 2013 - WG Last Call for 'Security Implications of IPv6 on IPv4 >> networks' document >> Mar 2013 - WG Last Call for 'Using Only Link-Local Addressing Inside an >> IPv6 Network' document >> Mar 2013 - Submit 'Recommendations for filtering ICMP messages' >> document to IESG >> Mar 2013 - Submit 'Recommendations on filtering of IPv4 packets >> containing IPv4 options' document to IESG >> Mar 2013 - Submit 'Operational Security Considerations for IPv6 >> Networks' document to IESG >> Mar 2013 - Submit 'Recommendations for filtering ICMP messages' >> document to IESG >> May 2013 - Submit 'Using Only Link-Local Addressing Inside an IPv6 >> Network' document to IESG >> Jul 2013 - WG Last Call for 'BGP operations and security' document >> Jul 2013 - WG Last Call for 'Network Reconnaissance in IPv6 Networks' >> document >> Jul 2013 - WG Last Call for 'DHCPv6-Shield: Protecting Against Rogue >> DHCPv6 Servers' document >> Jul 2013 - WG Last Call for 'Virtual Private Network (VPN) traffic >> leakages in dual-stack hosts/networks' document >> Sep 2013 - Submit 'BGP operations and security' document to IESG >> Sep 2013 - Submit 'Network Reconnaissance in IPv6 Networks' document to >> IESG >> Sep 2013 - Submit 'DHCPv6-Shield: Protecting Against Rogue DHCPv6 >> Servers' document to IESG >> >> >> _______________________________________________ >> OPSEC mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/opsec >> >> >> . >> > > _______________________________________________ > OPSEC mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsec > -- After you'd known Christine for any length of time, you found yourself fighting a desire to look into her ear to see if you could spot daylight coming the other way. -- (Terry Pratchett, Maskerade) _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
