CURRENT MEETING REPORT

Reported by Gary Malkin/Bay Networks

Minutes of the Site Security Handbook Working Group (SSH)


Status Update


Chairpersons		Barbara Frasier / CERT

Mailing List		ssh@cert.org
To subscribe		ssh-request@cert.org
Archives		ftp://info.cert.org/pub/ietf/ssh

Date of meeting		Washington, D.C. IETF / December 9, 1997

Progress		The group met in a short (one hour) time slot.
			We accomplished all of the goals set forth in
			the Agenda for the meeting; specifically, we
			reviewed draft-ietf-ssh-users-03.txt, and
			decided that the group would do no additional
			documents.

Agenda

	1 - Discuss current user security handbook draft
	2 - Discuss other documents
	3 - Update goals and milestones


Two issues were raised concerning the USH document:
1 - how do we best handle the difference between  users who have
    administrative authority over their system(s) and those who don't
2 - the level of the doc stated audience

Discussed draft 03

External review indicated that the doc is to detailed/complex/specific for
the stated audiance.  Solution - Internet security primer

3-section primer: basics, threats, counter-measures

Why have primer?  What type of security?  Do we need another doc or just
another section in USH?

Move self-admin to end (Home Alone), and put in indented sections for
novice explanations (or intro or glossary)

Get first cut of revised draft by end of Jan and second draft prior to
LA IETF.


Other docs -

End SSH WG with USH doc


Actions:

Fold in terms and concepts into USH
Create glossary for end of doc
Move all admin-user content to home alone
Draft by begin of Feb