[Security_sig] Pls review DLT Cap Doc 1.0 Security Section Draft

Makan Pourzandi Makan.Pourzandi at ericsson.com
Fri Jan 21 13:15:36 PST 2005 

Hi,

My 2 cents, just a suggestion: perhaps something that could be useful is
secure patch management capabilities. I know that it sounds more like MS 
need than Linux related but with the wider use of Linux, there are more
vulnerabilities discovered and perhaps more need at enterprise level for 
patching efficiently and fast the many deployed desktops.


I believe there is need for being "capable" of supporting
different levels of security. I  mean something close to system tools
like Msec from Mandrake, Yum security levels from Suse or Red Hat
security levels. This is specially important for home users. It's clear 
to me that the normal desktop users should not be asked to configure 
their firewalling rules, etc ... Though, I am not sure whether this is 
relevant to DTL specs or not.

Regards
Makan

Ps. regarding suppor for VPN, I believe a reference for ssl based vpn
can be openvpn http://openvpn.net/

Mary Edie Meredith wrote:
> At the call today, Slav requested that DTL make available the Security
> Section of their Capability Document Draft for review by this forum.
> 
> Philip Peake provided this, and I have posted it on developer at:
> http://developer.osdl.org/dev/security/docs/DTL-security_section.pdf
> 
> What you will see in this document are a list of capabilities.  DLT made
> the decision for this revision to _not yet take the approach of DCL and
> CGL (defining assumptions before capabilities are determined).  Their
> approach is similar to the first revision DCL made in their 1.0 Security
> section.   AFAIK DTL intend to address assumptions in the future.  
> 
> So feedback is requested for obvious errors, omissions, or suggestions
> for improved content.  Please no flames on the approach (---:
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> security_sig mailing list
> security_sig at lists.osdl.org
> http://lists.osdl.org/mailman/listinfo/security_sig

-- 

Makan Pourzandi, Open Systems Lab
Ericsson Research, Montreal, Canada
*This email does not represent or express the opinions of Ericsson Inc.*

More information about the security_sig mailing list