Guidelines for Writing RFC Text on Security Considerations
RFC 3552
| Field | Value |
|---|---|
| Document | RFC 3552, Best Current Practice (July 2003; Errata). Also known as BCP 72. Was draft-iab-sec-cons (iab) |
| Authors | Eric Rescorla, Brian Korver |
| Last updated | 2020-01-21 |
| Stream | IAB |
| Formats | plain text, html, pdf, htmlized with errata, bibtex |
| IAB state | (None) |
| Consensus Boilerplate | Unknown |
| RFC Editor Note | (None) |
Network Working Group                                        E. Rescorla
Request for Comments: 3552                                    RTFM, Inc.
BCP: 72                                                        B. Korver
Category: Best Current Practice                          Xythos Software
                                                   Internet Architecture Board
                                                                     IAB
                                                               July 2003

Guidelines for Writing RFC Text on Security Considerations

Status of this Memo

This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2003). All Rights Reserved.

Abstract

All RFCs are required to have a Security Considerations section. Historically, such sections have been relatively weak. This document provides guidelines to RFC authors on how to write a good Security Considerations section.

Table of Contents

1. Introduction ............................................. 3
   1.1. Requirements ........................................ 3
2. The Goals of Security .................................... 3
   2.1. Communication Security .............................. 3
        2.1.1. Confidentiality .............................. 4
        2.1.2. Data Integrity ............................... 4
        2.1.3. Peer Entity Authentication ................... 4
   2.2. Non-Repudiation ..................................... 5
   2.3. Systems Security .................................... 5
        2.3.1. Unauthorized Usage ........................... 6
        2.3.2. Inappropriate Usage .......................... 6
        2.3.3. Denial of Service ............................ 6
3. The Internet Threat Model ................................ 6
   3.1. Limited Threat Models ............................... 7
   3.2. Passive Attacks ..................................... 7
        3.2.1. Confidentiality Violations ................... 8
        3.2.2. Password Sniffing ............................ 8
        3.2.3. Offline Cryptographic Attacks ................ 9

Rescorla & Korver         Best Current Practice                 [Page 1]

RFC 3552              Security Considerations Guidelines       July 2003

   3.3. Active Attacks ...................................... 9
        3.3.1. Replay Attacks .............................. 10
        3.3.2. Message Insertion ........................... 10
        3.3.3. Message Deletion ............................ 11
        3.3.4. Message Modification ........................ 11
        3.3.5. Man-In-The-Middle ........................... 12
   3.4. Topological Issues ................................. 12
   3.5. On-path versus off-path ............................ 13
   3.6. Link-local ......................................... 13
4. Common Issues ........................................... 13
   4.1. User Authentication ................................ 14
        4.1.1. Username/Password ........................... 14
        4.1.2. Challenge Response and One Time Passwords ... 14
        4.1.3. Shared Keys ................................. 15
        4.1.4. Key Distribution Centers .................... 15
        4.1.5. Certificates ................................ 15
        4.1.6. Some Uncommon Systems ....................... 15
        4.1.7. Host Authentication ......................... 16
   4.2. Generic Security Frameworks ........................ 16
   4.3. Non-repudiation .................................... 17
   4.4. Authorization vs. Authentication ................... 18
        4.4.1. Access Control Lists ........................ 18
        4.4.2. Certificate Based Systems ................... 18
   4.5. Providing Traffic Security ......................... 19
        4.5.1. IPsec ....................................... 19
        4.5.2. SSL/TLS ..................................... 20
        4.5.3. Remote Login ................................ 22
   4.6. Denial of Service Attacks and Countermeasures ...... 22
        4.6.1. Blind Denial of Service ..................... 23
        4.6.2. Distributed Denial of Service ............... 23
        4.6.3. Avoiding Denial of Service .................. 24
        4.6.4. Example: TCP SYN Floods ..................... 24
        4.6.5. Example: Photuris ........................... 25
   4.7. Object vs. Channel Security ........................ 25
   4.8. Firewalls and Network Topology ..................... 26
5. Writing Security Considerations Sections ................ 26