Operational Security Capabilities for IP Network Infrastructure

The information below is for an older proposed charter
Document Proposed charter Operational Security Capabilities for IP Network Infrastructure WG (opsec) Snapshot
Title Operational Security Capabilities for IP Network Infrastructure
Last updated 2013-07-11
State Draft Charter Rechartering
WG State Active
IESG Responsible AD Warren Kumari
Charter Edit AD Joel Jaeggli
Send notices to (None)



The OPSEC WG will document operational issues and best current practices 
with regard to network security. In particular, efforts will be made to clarify 
the rationale of supporting current operational practice, addressing gaps 
in currently understood best practices, and clarifying liabilities inherent in 
security practices where they exist.


The scope of the OPSEC WG is intended to include the protection and secure 
operation of the forwarding, control and management planes. Documentation of 
operational issues, revision of existing operational security practices 
documents and proposals for new approaches to operational challenges related 
to network security are in scope.


It is expected that the product of the working group will result in the 
publication of informational or BCP RFCs. Taxonomy or problem statement 
documents may provide a basis for such documents.

Informational or Best Current Practices Document

For each topic addressed, a document that attempts to capture common 
practices related to secure network operation will be produced. This will
be primarily based on operational experience. A document might convey:

* a threat or threats to be addressed

* current practices for addressing the threat

* protocols, tools and technologies extant at the time of writing that are 
used to address the threat

* the possibility that a solution does not exist within existing tools or 

Taxonomy and Problem Statement Documents

A document which attempts to describe the scope of particular operational
security challenge or problem space without necessarily coming to a 
conclusion or proposing a solution. Such a document might be a 
precursor to an informational or best current practices document.

While the principal input of the working group is operational experience and 
needs, the output should be directed towards providing guidance to the 
operators community, other working groups that develop protocols or the 
community of protocol developers at large and implementers of these 

The OPSEC WG is not the place to do new protocols. New protocol work should
be addressed in a working group chartered in the appropriate area or as 
individual submissions. The OPSEC WG may take on documents related to the
practices of using such work.