2.8.3 Site Security Handbook (ssh)

NOTE: This charter is a snapshot of the 40th IETF Meeting in Washington, DC. It may now be out-of-date. Last Modified: 27-Oct-97


Barbara Fraser <byf@cert.org>

User Services Area Director(s):

Joyce K. Reynolds <jkrey@isi.edu>

User Services Area Advisor:

Joyce K. Reynolds <jkrey@isi.edu>

Mailing Lists:

General Discussion:ssh@cert.org
To Subscribe: ssh-request@cert.org
Archive: ftp://info.cert.org/pub/ietf/ssh

Description of Working Group:

The Site Security Handbook Working Group is chartered to create two documents: (1) a revised handbook that will help system and network administrators develop their own site-specific policies and procedures to deal with computer security problems and their prevention and (2) a new handbook for users. The text of these documents will be developed from the existing RFC 1244, plus needed revisions and additions.

Goals and Milestones:



Meet at the San Jose IETF and (1) make a decision about which document to produce first, (2) create an SSH editorial board and (3) create a draft outline of the first document.



Prepare a final outline of the first document.



Meet at the Danvers IETF and create a rough draft of the first document.

May 95


Submit the first document as an Internet-Draft, with comment and review happening on the SSH mailing list.

Jul 95


Submit first document as an Internet-Draft.



Meet at the Stockholm IETF meeting and create an outline for the second document.

Dec 95


Submit the second draft of the first document as an Internet-Draft.

Dec 95


Meet at IETF and review the second Internet-Draft of the first document.

Feb 96


Submit a revised Internet-Draft of the first document, with review happening on the SSH list.

Mar 96


Meet at IETF and do a final review of the Internet-Draft of the first document. Develop outline for second document.

Apr 96


Submit Internet-Draft of first document to IESG for publication as Informational RFC.

May 96


Submit draft of second document to Internet-Drafts.

Jun 96


Meet at IETF to review and edit draft.

Jul 96


Syvmit second draft of document to Internet-Drafts.

Oct 96


Submit final version of document to Internet-Drafts.

Dec 96


Submit Internet-Draft of second document to IESG for publication as an Informational RFC.


Request For Comments:







Site Security Handbook

Current Meeting Report

Minutes of the Site Security Handbook (SSH) Working Group

Reported by Gary Malkin/Bay Networks

Status Update

Chairpersons: Barbara Frasier / CERT

Mailing List: ssh@cert.org
To subscribe: ssh-request@cert.org
Archives: ftp://info.cert.org/pub/ietf/ssh

Date of meeting: Washington, D.C. IETF / December 9, 1997


The group met in a short (one hour) time slot. We accomplished all of the goals set forth in the Agenda for the meeting; specifically, we reviewed draft-ietf-ssh-users-03.txt, and decided that the group would do no additional documents.


I. Discuss current user security handbook draft
II. Discuss other documents
III. Update goals and milestones

Two issues were raised concerning the USH document:

1. How do we best handle the difference between users who have administrative authority over their system(s) and those who don't?
2. The level of the doc stated audience.

I. Discussed Draft 03

External review indicated that the doc is to detailed/complex/specific for the stated audiance. Solution - Internet security primer.

3-section primer: basics, threats, counter-measures

Why have primer? What type of security? Do we need another doc or just another section in USH?

Move self-admin to end (Home Alone), and put in indented sections for novice explanations (or introduction or glossary).

Get first cut of revised draft by end of Jan and second draft prior to LA IETF.

II. Other Docs

End SSH WG with USH doc

III. Actions


None Received

Attendees List

go to list

Previous PageNext Page