Operational Security Capabilities for IP Network Infrastructure

The information below is for an older proposed charter
Document Proposed charter Operational Security Capabilities for IP Network Infrastructure WG (opsec) Snapshot
Title Operational Security Capabilities for IP Network Infrastructure
Last updated 2013-11-20
State IESG Review (Charter for Approval, Selected by Secretariat) Rechartering
WG State Active
IESG Responsible AD Warren Kumari
Charter Edit AD Joel Jaeggli
Send notices to (None)



The OPSEC WG will document operational issues and best current practices
with regard to network security.In particular, the working group will clarify
the rationale of supporting current operational practice, addressing gaps
in currently understood best practices, and clarifying liabilities inherent in
security practices where they exist.


The scope of the OPSEC WG includes the protection and secure  operation of the
forwarding, control and management planes. Documentation of  operational
issues, revision of existing operational security practices  documents and
proposals for new approaches to operational challenges related to network
security are in scope.


The work will result in the publication of informational or BCP RFCs.  Taxonomy
or problem statement  documents may provide a basis for such documents.

Informational or Best Current Practices Documents

For each topic addressed, the working group will produce a document that
captures common practices related to secure network operation.  will be
produced. This will be primarily based on operational experience. A document
might convey:

* a threat or threats to be addressed

* current practices for addressing the threat

* protocols, tools and technologies extant at the time of writing that are used
to address the threat

* the possibility that a solution does not exist within existing tools or

Taxonomy and Problem Statement Documents

These are documents that describe the scope of particular operational security
challenges or problem spaces without necessarily coming to conclusions or
proposing solutions. Such a document might be the precusor to an informational
or best current practices document.

While the principal input of the working group is operational experience and
needs, the output should be directed towards providing guidance to the
operators community,  other working groups that develop protocols or the
protocol development community.


The OPSEC WG is will not write or modify protocols. New protocol work must
be addressed through a working group chartered for that work, or via
one of the individual submission processes. The OPSEC WG may take on documents
related to the practices of using such work.