A Security Practitioner's view on Internet Protocols
draft-magnusson-secure-practice-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | Lars Magnusson | ||
| Last updated | 2009-10-13 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
IETF members is per tradition a focused group, working with all aspects of network interconnectivity and processing. But, as requested by the IETF Security Chair at IETF-75, there is an emerging need of a more formal review of Information Security issues, in relation to the IETF Standard work. During IETF-75, the author noted in several sessions participants voicing a somewhat different view on security issues, compared to what I have experienced as norm and practice within several End-Users organizations. Some key practices, often dependent on rulesets as SOX "Best Practice" framework, seemed to not be to well-known in those discussions I attended. This document intends to, with some simple examples, review and highlight some effects of these gaps and questions they arises.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)