2.8.3 Site Security Handbook (ssh)

NOTE: This charter is a snapshot of the 40th IETF Meeting in Washington, DC. It may now be out-of-date. Last Modified: 27-Oct-97

Chair(s):

Barbara Fraser <byf@cert.org>

User Services Area Director(s):

Joyce K. Reynolds <jkrey@isi.edu>

User Services Area Advisor:

Joyce K. Reynolds <jkrey@isi.edu>

Mailing Lists:

General Discussion:ssh@cert.org
To Subscribe: ssh-request@cert.org
Archive: ftp://info.cert.org/pub/ietf/ssh

Description of Working Group:

The Site Security Handbook Working Group is chartered to create two documents: (1) a revised handbook that will help system and network administrators develop their own site-specific policies and procedures to deal with computer security problems and their prevention and (2) a new handbook for users. The text of these documents will be developed from the existing RFC 1244, plus needed revisions and additions.

Goals and Milestones:

Done

  

Meet at the San Jose IETF and (1) make a decision about which document to produce first, (2) create an SSH editorial board and (3) create a draft outline of the first document.

Done

  

Prepare a final outline of the first document.

Done

  

Meet at the Danvers IETF and create a rough draft of the first document.

May 95

  

Submit the first document as an Internet-Draft, with comment and review happening on the SSH mailing list.

Jul 95

  

Submit first document as an Internet-Draft.

Done

  

Meet at the Stockholm IETF meeting and create an outline for the second document.

Dec 95

  

Submit the second draft of the first document as an Internet-Draft.

Dec 95

  

Meet at IETF and review the second Internet-Draft of the first document.

Feb 96

  

Submit a revised Internet-Draft of the first document, with review happening on the SSH list.

Mar 96

  

Meet at IETF and do a final review of the Internet-Draft of the first document. Develop outline for second document.

Apr 96

  

Submit Internet-Draft of first document to IESG for publication as Informational RFC.

May 96

  

Submit draft of second document to Internet-Drafts.

Jun 96

  

Meet at IETF to review and edit draft.

Jul 96

  

Syvmit second draft of document to Internet-Drafts.

Oct 96

  

Submit final version of document to Internet-Drafts.

Dec 96

  

Submit Internet-Draft of second document to IESG for publication as an Informational RFC.

Internet-Drafts:

Request For Comments:

RFC

Status

Title

 

RFC2196

PS

Site Security Handbook

Current Meeting Report

Minutes of the Site Security Handbook (SSH) Working Group

Reported by Gary Malkin/Bay Networks

Status Update

Chairpersons: Barbara Frasier / CERT

Mailing List: ssh@cert.org
To subscribe: ssh-request@cert.org
Archives: ftp://info.cert.org/pub/ietf/ssh

Date of meeting: Washington, D.C. IETF / December 9, 1997

Progress:

The group met in a short (one hour) time slot. We accomplished all of the goals set forth in the Agenda for the meeting; specifically, we reviewed draft-ietf-ssh-users-03.txt, and decided that the group would do no additional documents.

Agenda

I. Discuss current user security handbook draft
II. Discuss other documents
III. Update goals and milestones

Two issues were raised concerning the USH document:

1. How do we best handle the difference between users who have administrative authority over their system(s) and those who don't?
2. The level of the doc stated audience.

I. Discussed Draft 03

External review indicated that the doc is to detailed/complex/specific for the stated audiance. Solution - Internet security primer.

3-section primer: basics, threats, counter-measures

Why have primer? What type of security? Do we need another doc or just another section in USH?

Move self-admin to end (Home Alone), and put in indented sections for novice explanations (or introduction or glossary).

Get first cut of revised draft by end of Jan and second draft prior to LA IETF.

II. Other Docs

End SSH WG with USH doc

III. Actions

Slides

None Received

Attendees List

go to list

Previous PageNext Page