[OPSEC] Operational Security Capabilities for IP Network Infrastructure

G'day,

I'd like to add my $0.02 to the "yes, this should be accepted as a
Working Group item" side.  *This item* here refers to "Security
Assessment of the Internet Protocol"
(draft-gont-opsec-ip-security-01.txt) internet-draft, by the way, in
case that wasn't clear in my original post.

Many of the current TCP/IP specifications were designed over two decades
ago (or based on those designs) and since then, there has been a great
number of vulnerabilities found in those specifications and/or the code
designed to comply with those specifications.  Two major issues right
now are that were someone to design a new product based on the current
RFCs, this product would be both insecure and incompatible with a number
of current products that were keeping up to date with the lists of
amendments to these protocols that haven't been accepted and published
as RFCs.  Basically, the RFCs are starting to lag behind the times and
become, well, whilst not irrelevant, at least not as complete as they
once were.

Bringing the RFCs up to date with current accepted security standards is
something that will greatly increase the benefit of these RFCs to both
current and future designers of protocols and products based around
these protocols and also provide a single port of call for people
needing to confirm that their protocol implementations are based on
latest accepted practice.

http://hiltont.blogspot.com/

Regards,

 <http://www.quarkit.com.au/> Hilton Travis, Manager, Quark IT
http://www.QuarkIT.com.au/

War doesn't determine who is right. War determines who is left.

This document and any attachments are for the intended recipient only.
It may contain confidential, privileged or copyright material which 
must not be disclosed or distributed.

Quark Group Pty Ltd T/A Quark Automation, Quark AudioVisual, Quark IT

[OPSEC] Operational Security Capabilities for IP Network Infrastructure

Attachment: image001.jpg