ietf-63 opsec wg opsec wg _______ operational security capabilities for ip network infrastructure...
TRANSCRIPT
IETF-63 OPSEC WG
OPSEC WG_______
Operational Security Capabilities for IP Network
Infrastructure IETF #65 - Dallas
IETF-63 OPSEC WG
Note WellAny submission to the IETF intended by the Contributor for publication
as all or part of an IETF Internet-Draft or RFC and any statement made within the context of an IETF activity is considered an "IETF Contribution". Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place, which are addressed to: – the IETF plenary session, – any IETF working group or portion thereof, – the IESG, or any member thereof on behalf of the IESG, – the IAB or any member thereof on behalf of the IAB, – any IETF mailing list, including the IETF list itself, any working
group or design team list, or any other list functioning under IETF auspices,
– the RFC Editor or the Internet-Drafts function All IETF Contributions are subject to the rules of RFC 3667 and RFC
3668.Statements made outside of an IETF session, mailing list or other
function, that are clearly not intended to be input to an IETF activity, group or function, are not IETF Contributions in the context of this notice.
Please consult RFC 3667 for details.
IETF-63 OPSEC WG
Front Administrativia
• Backup Minutes scribe?
• Jabber scribe? (opsec) rooms.jabber.ietf.org• When speaking:
– Please identify yourself (for the scribes)– Don’t mumble– Speak at/to/near the microphone. The audio is being
streamed out. (aka, “eat the mike”)
IETF-63 OPSEC WG
Discussion/Administratia
• Time for Discussion• Maillist:
– General Discussion: [email protected]– To Subscribe: [email protected]
In Body: subscribe– Archive: http://ops.ietf.org/lists/opsec/
IETF-63 OPSEC WG
Agenda
• 1510-1514: Introductions and Housekeeping (Pat/Ross)
• 1515-1530: Document and WG status (Ross/Pat)
• 1531-1535: Adjusted Milestones (Ross)
• 1536-1558: Profiling Capabilities (Pat)
• 16:00: Adjourn
IETF-63 OPSEC WG
Charter: Outputs
1. Framework Document• Out for review
2. Current Practices Document• Out for review
3. Individual Capability Documents• Looking for editors/reviewers
4. Profile Documents• In the future
IETF-63 OPSEC WG
Document and WG status
IETF-63 OPSEC WG
Available Documents
• Framework for Operational Security Capabilities for IP Network Infrastructure
• draft-ietf-opsec-framework-02.txt
• Security Best Practices Efforts and Documents • draft-ietf-opsec-efforts-02.txt
• Operational Security Current Practices • draft-ietf-opsec-current-practices-02.txt
• Filtering Capabilities for IP Network Infrastructure• draft-ietf-opsec-current-practices-02.txt
IETF-63 OPSEC WG
Newly Available Documents
• Miscellaneous Capabilities for IP Network Infrastructure
• draft-ietf-opsec-misc-cap-00.txt
• Network Management Access Security Capabilities • draft-ietf-opsec-nmasc-00.txt
IETF-63 OPSEC WG
Adjusted Milestones
IETF-63 OPSEC WG
Capabilities Docs in Charter
Packet Filtering
Event Logging (Management Capabilties)
In-Band management
Out-of-Band management
? Configuration and Management Interface
Authentication, Authorization & Accounting (AAA)
? Documentation and Assurance
Miscellaneous
IETF-63 OPSEC WG
Milestones - Completed
Orig New Task
1. Done Complete Charter
2. Done First draft of Framework Doc as ID
3. Done First draft of Standards Survey Doc as ID
4. Done First draft of Packet Filtering Capabilities
5. Done First draft of Network Operator CurrentSecurity Practices
6. Done First draft of In-Band management caps
7. Done First draft of Out-of-Band management caps
8. Done First draft of Miscellaneous capabilities
IETF-63 OPSEC WG
Milestones - UpcomingOrig New Task
1. Oct 04 Jul 06 First draft of Event Logging Caps2. Feb 05 Jun 06 First draft of AAA Capabilities3. Mar 05 none First draft of Deliberations Summary4. Mar 05 Feb 07 Submit Framework to IESG5. Mar 05 Nov 06 Submit Standards Survey to IESG 6. May 05 Nov 06 Submit Current Sec Prac to IESG7. Jun 05 Nov 06 Submit Packet Filtering caps to IESG8. Jun 05 Jul 07 Submit Event Logging Caps to IESG9. Aug 05 Jul 07 Submit AAA doc to IESG10.Sep 05 Jul 07 Submit Misc caps doc to IESG
IETF-63 OPSEC WG
Milestones – In FluxOrig New Task
1. Jan 05 ? 1st draft of Config & Mg Int Caps2. Feb 05 Jun 06 1st draft of Doc & Assurance caps3. May 05 ? First draft of ISP Profile 4. May 05 ? First draft of Large Enterprise Profile5. Jul 05 Mar 07 Submit In-Band mgt caps to IESG 6. Jul 05 Mar 07 Submit Out-of-Band mgt caps to IESG7. Aug 05 ? Submit Config & Mgt Interface caps
to IESG8. Sep 05 Jul 07 Submit Doc & Assurance cap to IESG 9. Dec 05 ? Submit ISP Profile to IESG 10. Dec 05 ? Submit Large Enterprise Profile to
IESG
IETF-63 OPSEC WG
Profiles
IETF-63 OPSEC WG
Profiles
• Charter:– Profile the capabilities documents for ISP and
large Enterprise environments
• We don’t need them right now… but…
• Do people still want them?– Volunteers– Ideas or outlines?– Are we missing any capability docs?
IETF-63 OPSEC WG
End