OPSEC WG _______

1
OPSEC WG_______

• Operational Security Capabilities for IP Network
  Infrastructure
• IETF 65 - Dallas

2
Note Well

• Any submission to the IETF intended by the
  Contributor for publication as all or part of an
  IETF Internet-Draft or RFC and any statement made
  within the context of an IETF activity is
  considered an "IETF Contribution". Such
  statements include oral statements in IETF
  sessions, as well as written and electronic
  communications made at any time or place, which
  are addressed to
• the IETF plenary session,
• any IETF working group or portion thereof,
• the IESG, or any member thereof on behalf of the
  IESG,
• the IAB or any member thereof on behalf of the
  IAB,
• any IETF mailing list, including the IETF list
  itself, any working group or design team list, or
  any other list functioning under IETF auspices,
• the RFC Editor or the Internet-Drafts function
• All IETF Contributions are subject to the rules
  of RFC 3667 and RFC 3668.
• Statements made outside of an IETF session,
  mailing list or other function, that are clearly
  not intended to be input to an IETF activity,
  group or function, are not IETF Contributions in
  the context of this notice.
• Please consult RFC 3667 for details.

3
Front Administrativia

• Backup Minutes scribe?
• Jabber scribe? (opsec) rooms.jabber.ietf.org
• When speaking
• Please identify yourself (for the scribes)
• Dont mumble
• Speak at/to/near the microphone. The audio is
  being streamed out. (aka, eat the mike)

4
Discussion/Administratia

• Time for Discussion
• Maillist
• General Discussion opsec_at_ops.ietf.org
• To Subscribe opsec-request_at_ops.ietf.orgIn Body
  subscribe
• Archive http//ops.ietf.org/lists/opsec/

5
Agenda

• 1510-1514 Introductions and Housekeeping
  (Pat/Ross)
• 1515-1530 Document and WG status (Ross/Pat)
• 1531-1535 Adjusted Milestones (Ross)
• 1536-1558 Profiling Capabilities (Pat)
• 1600 Adjourn

6
Charter Outputs

• Framework Document
• Out for review
• Current Practices Document
• Out for review
• Individual Capability Documents
• Looking for editors/reviewers
• Profile Documents
• In the future

7
Document and WG status
8
Available Documents

• Framework for Operational Security Capabilities
  for IP Network Infrastructure
• draft-ietf-opsec-framework-02.txt
• Security Best Practices Efforts and Documents
• draft-ietf-opsec-efforts-02.txt
• Operational Security Current Practices
• draft-ietf-opsec-current-practices-02.txt
• Filtering Capabilities for IP Network
  Infrastructure
• draft-ietf-opsec-current-practices-02.txt

9
Newly Available Documents

• Miscellaneous Capabilities for IP Network
  Infrastructure
• draft-ietf-opsec-misc-cap-00.txt
• Network Management Access Security Capabilities
• draft-ietf-opsec-nmasc-00.txt

10
Adjusted Milestones
11
Capabilities Docs in Charter

• ? Packet Filtering
• ? Event Logging
• (Management Capabilties)
• ? In-Band management
• ? Out-of-Band management
• ? Configuration and Management Interface
• ? Authentication, Authorization Accounting
  (AAA)
• ? Documentation and Assurance
• ? Miscellaneous

12
Milestones - Completed

• Orig New Task
• Done Complete Charter
• Done First draft of Framework Doc as ID
• Done First draft of Standards Survey Doc as ID
• Done First draft of Packet Filtering
  Capabilities
• Done First draft of Network Operator
  Current Security Practices
• Done First draft of In-Band management caps
• Done First draft of Out-of-Band management
  caps
• Done First draft of Miscellaneous capabilities

13
Milestones - Upcoming

• Orig New Task
• Oct 04 Jul 06 First draft of Event Logging
  Caps
• Feb 05 Jun 06 First draft of AAA
  Capabilities
• Mar 05 none First draft of Deliberations
  Summary
• Mar 05 Feb 07 Submit Framework to IESG
• Mar 05 Nov 06 Submit Standards Survey to IESG
• May 05 Nov 06 Submit Current Sec Prac to IESG
• Jun 05 Nov 06 Submit Packet Filtering caps to
  IESG
• Jun 05 Jul 07 Submit Event Logging Caps to
  IESG
• Aug 05 Jul 07 Submit AAA doc to IESG
• Sep 05 Jul 07 Submit Misc caps doc to IESG

14
Milestones In Flux

• Orig New Task
• Jan 05 ? 1st draft of Config Mg Int Caps
• Feb 05 Jun 06 1st draft of Doc Assurance
  caps
• May 05 ? First draft of ISP Profile
• May 05 ? First draft of Large Enterprise
  Profile
• Jul 05 Mar 07 Submit In-Band mgt caps to IESG
• Jul 05 Mar 07 Submit Out-of-Band mgt caps to
  IESG
• Aug 05 ? Submit Config Mgt Interface caps
  to IESG
• Sep 05 Jul 07 Submit Doc Assurance cap to
  IESG
• Dec 05 ? Submit ISP Profile to IESG
• Dec 05 ? Submit Large Enterprise Profile to
  IESG

15
Profiles
16
Profiles

• Charter
• Profile the capabilities documents for ISP and
  large Enterprise environments
• We dont need them right now but
• Do people still want them?
• Volunteers
• Ideas or outlines?
• Are we missing any capability docs?

17
End