RFC 1281 (rfc1281) - Page 1 of 10


Guidelines for the Secure Operation of the Internet



Alternative Format: Original Text Document



Network Working Group                                          R. Pethia
Request for Comments: 1281                Software Engineering Institute
                                                              S. Crocker
                                       Trusted Information Systems, Inc.
                                                               B. Fraser
                                          Software Engineering Institute
                                                           November 1991


          Guidelines for the Secure Operation of the Internet

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard.  Distribution of this memo is
   unlimited.

Preamble

   The purpose of this document is to provide a set of guidelines to aid
   in the secure operation of the Internet.  During its history, the
   Internet has grown significantly and is now quite diverse.  Its
   participants include government institutions and agencies, academic
   and research institutions, commercial network and electronic mail
   carriers, non-profit research centers and an increasing array of
   industrial organizations who are primarily users of the technology.
   Despite this dramatic growth, the system is still operated on a
   purely collaborative basis.  Each participating network takes
   responsibility for its own operation.  Service providers, private
   network operators, users and vendors all cooperate to keep the system
   functioning.

   It is important to recognize that the voluntary nature of the
   Internet system is both its strength and, perhaps, its most fragile
   aspect.  Rules of operation, like the rules of etiquette, are
   voluntary and, largely, unenforceable, except where they happen to
   coincide with national laws, violation of which can lead to
   prosecution.  A common set of rules for the successful and
   increasingly secure operation of the Internet can, at best, be
   voluntary, since the laws of various countries are not uniform
   regarding data networking.  Indeed, the guidelines outlined below
   also can be only voluntary.  However, since joining the Internet is
   optional, it is also fair to argue that any Internet rules of
   behavior are part of the bargain for joining and that failure to
   observe them, apart from any legal infrastructure available, are
   grounds for sanctions.





Pethia, Crocker, & Fraser