CURRENT MEETING REPORT Reported by Gary Malkin/Bay Networks Minutes of the Site Security Handbook Working Group (SSH) Status Update Chairpersons Barbara Frasier / CERT Mailing List ssh@cert.org To subscribe ssh-request@cert.org Archives ftp://info.cert.org/pub/ietf/ssh Date of meeting Washington, D.C. IETF / December 9, 1997 Progress The group met in a short (one hour) time slot. We accomplished all of the goals set forth in the Agenda for the meeting; specifically, we reviewed draft-ietf-ssh-users-03.txt, and decided that the group would do no additional documents. Agenda 1 - Discuss current user security handbook draft 2 - Discuss other documents 3 - Update goals and milestones Two issues were raised concerning the USH document: 1 - how do we best handle the difference between users who have administrative authority over their system(s) and those who don't 2 - the level of the doc stated audience Discussed draft 03 External review indicated that the doc is to detailed/complex/specific for the stated audiance. Solution - Internet security primer 3-section primer: basics, threats, counter-measures Why have primer? What type of security? Do we need another doc or just another section in USH? Move self-admin to end (Home Alone), and put in indented sections for novice explanations (or intro or glossary) Get first cut of revised draft by end of Jan and second draft prior to LA IETF. Other docs - End SSH WG with USH doc Actions: Fold in terms and concepts into USH Create glossary for end of doc Move all admin-user content to home alone Draft by begin of Feb