Textual Analysis Methodology for Security Considerations Sections
draft-mcfadden-smart-rfc3552-textual-research-02

Document Type Active Internet-Draft (individual)
Authors Mark McFadden  , Alan Mills 
Last updated 2020-09-09
Stream (None)
Intended RFC status (None)
Formats plain text pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
SMART                                                       M. McFadden
Internet-Draft                             internet policy advisors ltd
                                                               A. Mills
                                                          UWE - Bristol

Intended status: Informational                        September 9, 2020
Expires: March 9, 2021

     Textual Analysis Methodology for Security Considerations Sections
           draft-mcfadden-smart-rfc3552-textual-research-02.txt

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

     This Internet-Draft will expire on March 9, 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this
   document must include Simplified BSD License text as described in

McFadden, Mills       Expires September 9, 2020                [Page 1]
Internet-Draft       RFC3552 Research Methodology        September 2020

   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Simplified BSD License.

Abstract

   [RFC3552] provides guidance to authors in crafting RFC text on
   Security Considerations. The RFC is more than fifteen years old.
   With the threat landscape and security ecosystem significantly
   changed since the RFC was published, RFC3552 is a candidate for
   update. This draft proposes that, prior to drafting an update to
   RFC3552, an examination of recent, published Security Considerations
   sections be carried out as a baseline for how to improve RFC3552. It
   suggests a methodology for examining Security Considerations
   sections in published RFCs and the extraction of both quantitative
   and qualitative information that could inform a revision of the
   older guidance. It also reports on a recent experiment on textual
   analysis of sixteen years of RFC Security Consideration sections.

Table of Contents

   1. Introduction...................................................3
   2. Conventions used in this document..............................3
   3. Motivation.....................................................4
      3.1. Non-goals and scoping.....................................5
      3.2. Research Group............................................5
   4. Goals for Surveying Existing Security Considerations Sections..5
   5. Methodology....................................................5
      5.1. Methodology Overview......................................5
      5.2. Quantitative Methodology..................................6
      5.3. Qualitative Methodology...................................7
      5.4. Implications of the Size of n-set.........................7
   6. Experimental Activity..........................................8
      6.1. Experiment Methodology....................................8
      6.2. Stopword List.............................................8
      6.3. Resulting Characterization...............................10
      6.4. Indicative Results.......................................11
         6.4.1. Top Ten Word Counts in Four Sample Years............11
         6.4.2. Top Ten Word Counts Without RFC2119 Words in Four
         Sample Years...............................................12
         6.4.3. Normative RFC2119 Words in Security Considerations..12
   7. Security Considerations.......................................13
   8. IANA Considerations...........................................13
   9. References....................................................13
      9.1. Normative References.....................................13
      9.2. Informative References...................................13
   Appendix A. Document History.....................................14
Show full document text