✒️
OGF Document Template
  • Title of Document
  • 1. Introduction
  • 2. Notational Conventions
  • 3. Chapter
  • 4. Security Considerations
  • 5. Glossary
  • 6. Contributors
  • 7. Acknowledgments
  • 8. Intellectual Property Statement
  • 9. Disclaimer
  • 10. Full Copyright Notice
  • 11. References
Powered by GitBook
On this page

Was this helpful?

Export as PDF

4. Security Considerations

Previous3. ChapterNext5. Glossary

Last updated 4 years ago

Was this helpful?

Please refer to RFC 3552 for guidance on writing a security considerations section. This section is required in all documents, and should not just say “there are no security considerations.” Quoting from the RFC:

“Most people speak of security as if it were a single monolithic property of a protocol or system, however, upon reflection, one realizes that it is clearly not true. Rather, security is a series of related but somewhat independent properties. Not all of these properties are required for every application.

We can loosely divide security goals into those related to protecting communications (COMMUNICATION SECURITY, also known as COMSEC) and those relating to protecting systems (ADMINISTRATIVE SECURITY or SYSTEM SECURITY). Since communications are carried out by systems and access to systems is through communications channels, these goals obviously interlock, but they can also be independently provided.”

[RESCORLA]