A Security Practitioner's view on Internet Protocols
draft-magnusson-secure-practice-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Lars Magnusson | ||
Last updated | 2009-10-13 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
IETF members is per tradition a focused group, working with all aspects of network interconnectivity and processing. But, as requested by the IETF Security Chair at IETF-75, there is an emerging need of a more formal review of Information Security issues, in relation to the IETF Standard work. During IETF-75, the author noted in several sessions participants voicing a somewhat different view on security issues, compared to what I have experienced as norm and practice within several End-Users organizations. Some key practices, often dependent on rulesets as SOX "Best Practice" framework, seemed to not be to well-known in those discussions I attended. This document intends to, with some simple examples, review and highlight some effects of these gaps and questions they arises.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)