Network Working Group R. Shirey
Request for Comments: 2828 GTE / BBN Technologies
FYI: 36 May 2000
Category: Informational
Internet Security Glossary
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
Abstract
This Glossary (191 pages of definitions and 13 pages of references)
provides abbreviations, explanations, and recommendations for use of
information system security terminology. The intent is to improve the
comprehensibility of writing that deals with Internet security,
particularly Internet Standards documents (ISDs). To avoid confusion,
ISDs should use the same term or definition whenever the same concept
is mentioned. To improve international understanding, ISDs should use
terms in their plainest, dictionary sense. ISDs should use terms
established in standards documents and other well-founded
publications and should avoid substituting private or newly made-up
terms. ISDs should avoid terms that are proprietary or otherwise
favor a particular vendor, or that create a bias toward a particular
security technology or mechanism versus other, competing techniques
that already exist or might be developed in the future.
Shirey Informational [Page 1]
RFC 2828 Internet Security Glossary May 2000
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Explanation of Paragraph Markings . . . . . . . . . . . . . . 4
2.1 Recommended Terms with an Internet Basis ("I") . . . . . . 4
2.2 Recommended Terms with a Non-Internet Basis ("N") . . . . 5
2.3 Other Definitions ("O") . . . . . . . . . . . . . . . . . 5
2.4 Deprecated Terms, Definitions, and Uses ("D") . . . . . . 6
2.5 Commentary and Additional Guidance ("C") . . . . . . . . . 6
3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6
4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 197
5. Security Considerations . . . . . . . . . . . . . . . . . . . 211
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 211
7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 211
8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 212
1. Introduction
This Glossary provides an internally consistent, complementary set of
abbreviations, definitions, explanations, and recommendations for use
of terminology related to information system security. The intent of
this Glossary is to improve the comprehensibility of Internet
Standards documents (ISDs)--i.e., RFCs, Internet-Drafts, and other
material produced as part of the Internet Standards Process [R2026]--
and of all other Internet material, too. Some non-security terms are
included to make the Glossary self-contained, but more complete lists
of networking terms are available elsewhere [R1208, R1983].
Some glossaries (e.g., [Raym]) list terms that are not listed here
but could be applied to Internet security. However, those terms have
not been included in this Glossary because they are not appropriate
for ISDs.
This Glossary marks terms and definitions as being either endorsed or
deprecated for use in ISDs, but this Glossary is not an Internet
standard. The key words "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are intended to be interpreted the same way as in an
Internet Standard [R2119], but this guidance represents only the
recommendations of this author. However, this Glossary includes
reasons for the recommendations--particularly for the SHOULD NOTs--so
that readers can judge for themselves whether to follow the
recommendations.
This Glossary supports the goals of the Internet Standards Process:
o Clear, Concise, and Easily Understood Documentation
This Glossary seeks to improve comprehensibility of security-
related content of ISDs. That requires wording to be clear and
understandable, and requires the set of security-related terms and
definitions to be consistent and self-supporting. Also, the
terminology needs to be uniform across all ISDs; i.e., the same
term or definition needs to be used whenever and wherever the same
concept is mentioned. Harmonization of existing ISDs need not be
done immediately, but it is desirable to correct and standardize
the terminology when new versions are issued in the normal course
of standards development and evolution.
o Technical Excellence
Just as Internet Standard (STD) protocols should operate
effectively, ISDs should use terminology accurately, precisely,
and unambiguously to enable Internet Standards to be implemented
correctly.
o Prior Implementation and Testing
Just as STD protocols require demonstrated experience and
stability before adoption, ISDs need to use well-established
language. Using terms in their plainest, dictionary sense (when
appropriate) helps to ensure international understanding. ISDs
need to avoid using private, made-up terms in place of generally-
accepted terms from standards and other publications. ISDs need to
avoid substituting new definitions that conflict with established
ones. ISDs need to avoid using "cute" synonyms (e.g., see: Green
Book); no matter how popular a nickname may be in one community,
it is likely to cause confusion in another.
o Openness, Fairness, and Timeliness
ISDs need to avoid terms that are proprietary or otherwise favor a
particular vendor, or that create a bias toward a particular
security technology or mechanism over other, competing techniques
that already exist or might be developed in the future. The set of
terminology used across the set of ISDs needs to be flexible and
adaptable as the state of Internet security art evolves.
2. Explanation of Paragraph Markings
Section 3 marks terms and definitions as follows:
o Capitalization: Only terms that are proper nouns are capitalized.
o Paragraph Marking: Definitions and explanations are stated in
paragraphs that are marked as follows:
- "I" identifies a RECOMMENDED Internet definition.
- "N" identifies a RECOMMENDED non-Internet definition.
- "O" identifies a definition that is not recommended as the first
choice for Internet documents but is something that authors of
Internet documents need to know.
- "D" identifies a term or definition that SHOULD NOT be used in
Internet documents.
- "C" identifies commentary or additional usage guidance.
The rest of Section 2 further explains these five markings.
2.1 Recommended Terms with an Internet Basis ("I")
The paragraph marking "I" (as opposed to "O") indicates a definition
that SHOULD be the first choice for use in ISDs. Most terms and
definitions of this type MAY be used in ISDs; however, some "I"
definitions are accompanied by a "D" paragraph that recommends
against using the term. Also, some "I" definitions are preceded by an
indication of a contextual usage limitation (e.g., see:
certification), and ISDs shou