Internet Security Glossary
RFC 2828

Document Type RFC - Informational (May 2000; No errata)
Obsoleted by RFC 4949
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html
Stream Legacy state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 2828 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                          R. Shirey
Request for Comments: 2828                        GTE / BBN Technologies
FYI: 36                                                         May 2000
Category: Informational

                       Internet Security Glossary

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This Glossary (191 pages of definitions and 13 pages of references)
   provides abbreviations, explanations, and recommendations for use of
   information system security terminology. The intent is to improve the
   comprehensibility of writing that deals with Internet security,
   particularly Internet Standards documents (ISDs). To avoid confusion,
   ISDs should use the same term or definition whenever the same concept
   is mentioned. To improve international understanding, ISDs should use
   terms in their plainest, dictionary sense. ISDs should use terms
   established in standards documents and other well-founded
   publications and should avoid substituting private or newly made-up
   terms. ISDs should avoid terms that are proprietary or otherwise
   favor a particular vendor, or that create a bias toward a particular
   security technology or mechanism versus other, competing techniques
   that already exist or might be developed in the future.

Shirey                       Informational                      [Page 1]
RFC 2828               Internet Security Glossary               May 2000

Table of Contents

   1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . .   2
   2. Explanation of Paragraph Markings  . . . . . . . . . . . . . .   4
      2.1 Recommended Terms with an Internet Basis ("I") . . . . . .   4
      2.2 Recommended Terms with a Non-Internet Basis ("N")  . . . .   5
      2.3 Other Definitions ("O")  . . . . . . . . . . . . . . . . .   5
      2.4 Deprecated Terms, Definitions, and Uses ("D")  . . . . . .   6
      2.5 Commentary and Additional Guidance ("C") . . . . . . . . .   6
   3. Definitions  . . . . . . . . . . . . . . . . . . . . . . . . .   6
   4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 197
   5. Security Considerations  . . . . . . . . . . . . . . . . . . . 211
   6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 211
   7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 211
   8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 212

1. Introduction

   This Glossary provides an internally consistent, complementary set of
   abbreviations, definitions, explanations, and recommendations for use
   of terminology related to information system security. The intent of
   this Glossary is to improve the comprehensibility of Internet
   Standards documents (ISDs)--i.e., RFCs, Internet-Drafts, and other
   material produced as part of the Internet Standards Process [R2026]--
   and of all other Internet material, too. Some non-security terms are
   included to make the Glossary self-contained, but more complete lists
   of networking terms are available elsewhere [R1208, R1983].

   Some glossaries (e.g., [Raym]) list terms that are not listed here
   but could be applied to Internet security. However, those terms have
   not been included in this Glossary because they are not appropriate
   for ISDs.

   This Glossary marks terms and definitions as being either endorsed or
   deprecated for use in ISDs, but this Glossary is not an Internet
   standard. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
   and "OPTIONAL" are intended to be interpreted the same way as in an
   Internet Standard [R2119], but this guidance represents only the
   recommendations of this author. However, this Glossary includes
   reasons for the recommendations--particularly for the SHOULD NOTs--so
   that readers can judge for themselves whether to follow the
   recommendations.

Shirey                       Informational                      [Page 2]
RFC 2828               Internet Security Glossary               May 2000

   This Glossary supports the goals of the Internet Standards Process:

   o Clear, Concise, and Easily Understood Documentation

      This Glossary seeks to improve comprehensibility of security-
      related content of ISDs. That requires wording to be clear and
      understandable, and requires the set of security-related terms and
      definitions to be consistent and self-supporting. Also, the
Show full document text