RFC 2316 (rfc2316) - Page 1 of 9
Report of the IAB Security Architecture Workshop
Alternative Format: Original Text Document
Network Working Group S. Bellovin
Request for Comments: 2316 AT&T Labs Research
Category: Informational April 1998
Report of the IAB Security Architecture Workshop
1. Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
2. Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
3. Abstract
On 3-5 March 1997, the IAB held a security architecture workshop at
Bell Labs in Murray Hill, NJ. We identified the core security
components of the architecture, and specified several documents that
need to be written. Most importantly, we agreed that security was
not optional, and that it needed to be designed in from the
beginning.
3.1. Specification Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
4. Motivations
On 3-5 March 1997, the IAB held a security architecture workshop at
Bell Labs in Murray Hill, NJ. The ultimate goal was to design a
security architecture for the Internet. More concretely, we wished
to understand what security tools and protocols exist or are being
developed, where each is useful, and where we are missing adequate
security tools. Furthermore, we wanted to provide useful guidance to
protocol designers. That is, if we wish to eliminate the phrase
"security issues are not discussed in this memo" from future RFCs, we
must provide guidance on acceptable analyses.
Bellovin Informational