Internet Security Glossary, Version 2
RFC 4949
| Document | Type |
RFC - Informational
(August 2007; No errata)
Obsoletes RFC 2828
Also known as FYI 36
|
|
|---|---|---|---|
| Author | Robert Shirey | ||
| Last updated | 2013-03-02 | ||
| Stream | ISE | ||
| Formats | plain text html pdf htmlized bibtex | ||
| Stream | ISE state | (None) | |
| Consensus Boilerplate | Unknown | ||
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4949 (Informational) | |
| Telechat date | |||
| Responsible AD | Russ Housley | ||
| IESG note | FYI 0036 | ||
| Send notices to | RShirey@bbn.com | ||
Network Working Group R. Shirey
Request for Comments: 4949 August 2007
FYI: 36
Obsoletes: 2828
Category: Informational
Internet Security Glossary, Version 2
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007).
RFC Editor Note
This document is both a major revision and a major expansion of the
Security Glossary in RFC 2828. This revised Glossary is an extensive
reference that should help the Internet community to improve the
clarity of documentation and discussion in an important area of
Internet technology. However, readers should be aware of the
following:
(1) The recommendations and some particular interpretations in
definitions are those of the author, not an official IETF position.
The IETF has not taken a formal position either for or against
recommendations made by this Glossary, and the use of RFC 2119
language (e.g., SHOULD NOT) in the Glossary must be understood as
unofficial. In other words, the usage rules, wording interpretations,
and other recommendations that the Glossary offers are personal
opinions of the Glossary's author. Readers must judge for themselves
whether or not to follow his recommendations, based on their own
knowledge combined with the reasoning presented in the Glossary.
(2) The glossary is rich in the history of early network security
work, but it may be somewhat incomplete in describing recent security
work, which has been developing rapidly.
Shirey Informational [Page 1]
RFC 4949 Internet Security Glossary, Version 2 August 2007
Abstract
This Glossary provides definitions, abbreviations, and explanations
of terminology for information system security. The 334 pages of
entries offer recommendations to improve the comprehensibility of
written material that is generated in the Internet Standards Process
(RFC 2026). The recommendations follow the principles that such
writing should (a) use the same term or definition whenever the same
concept is mentioned; (b) use terms in their plainest, dictionary
sense; (c) use terms that are already well-established in open
publications; and (d) avoid terms that either favor a particular
vendor or favor a particular technology or mechanism over other,
competing techniques that already exist or could be developed.
Table of Contents
1. Introduction ....................................................3
2. Format of Entries ...............................................4
2.1. Order of Entries ...........................................4
2.2. Capitalization and Abbreviations ...........................5
2.3. Support for Automated Searching ............................5
2.4. Definition Type and Context ................................5
2.5. Explanatory Notes ..........................................6
2.6. Cross-References ...........................................6
2.7. Trademarks .................................................6
2.8. The New Punctuation ........................................6
3. Types of Entries ................................................7
3.1. Type "I": Recommended Definitions of Internet Origin .......7
3.2. Type "N": Recommended Definitions of Non-Internet Origin ...8
3.3. Type "O": Other Terms and Definitions To Be Noted ..........8
3.4. Type "D": Deprecated Terms and Definitions .................8
3.5. Definition Substitutions ...................................8
4. Definitions .....................................................9
5. Security Considerations .......................................343
6. Normative Reference ...........................................343
7. Informative References ........................................343
8. Acknowledgments ...............................................364
Shirey Informational [Page 2]
RFC 4949 Internet Security Glossary, Version 2 August 2007
1. Introduction
This Glossary is *not* an Internet Standard, and its recommendations
represent only the opinions of its author. However, this Glossary
gives reasons for its recommendations -- especially for the SHOULD
NOTs -- so that readers can judge for themselves what to do.
This Glossary provides an internally consistent and self-contained
set of terms, abbreviations, and definitions -- supported by
explanations, recommendations, and references -- for terminology that
concerns information system security. The intent of this Glossary is
to improve the comprehensibility of written materials that are
Show full document text