[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Review: IESG Agenda and Package for January 22, 2004 Telechat
> o draft-jones-opsec-03.txt
> Operational Security Requirements for IP Network
> Infrastructure (BCP) - 2
> of 2
> Token: Steve Bellovin
To what extent is this document (http://www.ietf.cnri.reston.va.us/internet-drafts/draft-jones-opsec-03.txt - on the IESG agenda tomorrow) known and was it reviewed in the Operations and Management Area? Although it has been categorized to belong in the Security Area it has quite a consistent amount of REQUIREMENTS related to management. As the document is supposed to become a BCP, and it also establishes as one of the goals to become 'a basis for testing and certification of security features of networked products', I think that it deserves a close look from the management community.
I am still reading through it. It does include very useful stuff, but it may also have some problems - for example with the very crisp approach wrt. to in-band management.