[OPSEC] Operational Security Capabilities for IP Network Infrastructure
"Quark IT - Hilton Travis" <Hilton@QuarkIT.com.au> Fri, 09 January 2009 19:56 UTC
Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6B4FC3A687F; Fri, 9 Jan 2009 11:56:18 -0800 (PST)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 31FCC3A6848 for <opsec@core3.amsl.com>; Fri, 9 Jan 2009 11:56:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.8
X-Spam-Level: *
X-Spam-Status: No, score=1.8 tagged_above=-999 required=5 tests=[AWL=-0.900, BAYES_50=0.001, EXTRA_MPART_TYPE=1, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, HTML_MESSAGE=0.001, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KLvNj7G+kCHJ for <opsec@core3.amsl.com>; Fri, 9 Jan 2009 11:56:12 -0800 (PST)
Received: from office.quarkgroup.com.au (office.quarkgroup.com.au [203.206.170.99]) by core3.amsl.com (Postfix) with ESMTP id 8DB433A687F for <opsec@ietf.org>; Fri, 9 Jan 2009 11:56:10 -0800 (PST)
Content-class: urn:content-classes:message
MIME-Version: 1.0
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Sat, 10 Jan 2009 05:55:55 +1000
Message-ID: <69D384433B57A14D837F7EC9760895F7360F9B@sbs.QuarkGroup.local>
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
Thread-Topic: Operational Security Capabilities for IP Network Infrastructure
Thread-Index: AclwPA7RlhXc7aSqQ+GpD21q4B0e0g==
From: Quark IT - Hilton Travis <Hilton@QuarkIT.com.au>
To: opsec@ietf.org
Subject: [OPSEC] Operational Security Capabilities for IP Network Infrastructure
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0531422011=="
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org
G'day, I'd like to add my $0.02 to the "yes, this should be accepted as a Working Group item" side. *This item* here refers to "Security Assessment of the Internet Protocol" (draft-gont-opsec-ip-security-01.txt) internet-draft, by the way, in case that wasn't clear in my original post. Many of the current TCP/IP specifications were designed over two decades ago (or based on those designs) and since then, there has been a great number of vulnerabilities found in those specifications and/or the code designed to comply with those specifications. Two major issues right now are that were someone to design a new product based on the current RFCs, this product would be both insecure and incompatible with a number of current products that were keeping up to date with the lists of amendments to these protocols that haven't been accepted and published as RFCs. Basically, the RFCs are starting to lag behind the times and become, well, whilst not irrelevant, at least not as complete as they once were. Bringing the RFCs up to date with current accepted security standards is something that will greatly increase the benefit of these RFCs to both current and future designers of protocols and products based around these protocols and also provide a single port of call for people needing to confirm that their protocol implementations are based on latest accepted practice. http://hiltont.blogspot.com/ Regards, <http://www.quarkit.com.au/> Hilton Travis, Manager, Quark IT http://www.QuarkIT.com.au/ War doesn't determine who is right. War determines who is left. This document and any attachments are for the intended recipient only. It may contain confidential, privileged or copyright material which must not be disclosed or distributed. Quark Group Pty Ltd T/A Quark Automation, Quark AudioVisual, Quark IT
_______________________________________________ OPSEC mailing list OPSEC@ietf.org https://www.ietf.org/mailman/listinfo/opsec
- [OPSEC] Operational Security Capabilities for IP … Quark IT - Hilton Travis
- [OPSEC] Operational Security Capabilities for IP … Quark IT - Hilton Travis