Skip to main content

Framework for Operational Security Capabilities for IP Network Infrastructure

Document Type Expired Internet-Draft (opsec WG)
Expired & archived
Author George M. Jones
Last updated 2015-10-14 (Latest revision 2007-04-03)
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Dead WG Document
Document shepherd (None)
IESG IESG state Expired (IESG: Dead)
Action Holders
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD Ron Bonica
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document outlines work done and documents produced by the Operational Security Capabilities (OPSEC) Working Group. The goal of the working group is to codify knowledge gained through operational experience about feature sets that are needed to securely deploy and operate managed network elements providing transit services at the data link and IP layers. The intent is to provide clear, concise documentation of capabilities necessary for operating networks securely, to assist network operators in communicating their requirements to vendors, and to provide vendors with input that is useful for building more secure devices. The working group produced a list of capabilities appropriate for large Internet Service Provider (ISP) and Enterprise Networks. This work is intended to refine [RFC3871]. This document also provides guidance for the creation of profile documents which are lists of security features needed in specific operating environments.


George M. Jones

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)