2. Format of Entries <- Table of Contents -> 4. Definitions
3. Types of Entries
Each entry in this Glossary is marked as type I, N, O, or D:
3.1. Type "I": Recommended Definitions of Internet Origin
The marking "I" indicates two things:
- Origin: "I" (as opposed to "N") means either that the Internet
Standards Process or Internet community is authoritative for the
definition *or* that the term is sufficiently generic that this
Glossary can freely state a definition without contradicting a
non-Internet authority (e.g., "attack").
- Recommendation: "I" (as opposed to "O") means that the term and
definition are RECOMMENDED for use in IDOCs. However, some "I"
entries may be accompanied by a "Usage" note that states a
limitation (e.g., "certification"), and IDOCs SHOULD NOT use the
defined term outside that limited context.
Many "I" entries are proper nouns (e.g., "Internet Protocol") for which the definition is intended only to provide basic information; i.e., the authoritative definition of such terms is found elsewhere. For a proper noun described as an "Internet protocol", please refer to the current edition of "Internet Official Protocol Standards" (Standard 1) for the standardization status of the protocol.
Shirey Informational [Page 7]
RFC 4949 Internet Security Glossary, Version 2 August 2007
3.2. Type "N": Recommended Definitions of Non-Internet Origin
The marking "N" indicates two things:
- Origin: "N" (as opposed to "I") means that the entry has a non-
Internet basis or origin.
- Recommendation: "N" (as opposed to "O") means that the term and
definition are RECOMMENDED for use in IDOCs, if they are needed at
all in IDOCs. Many of these entries are accompanied by a label
that states a context (e.g., "package") or a note that states a
limitation (e.g., "data integrity"), and IDOCs SHOULD NOT use the
defined term outside that context or limit. Some of the contexts
are rarely if ever expected to occur in an IDOC (e.g., "baggage").
In those cases, the listing exists to make Internet authors aware
of the non-Internet usage so that they can avoid conflicts with
non-Internet documents.
3.3. Type "O": Other Terms and Definitions To Be Noted
The marking "O" means that the definition is of non-Internet origin and SHOULD NOT be used in IDOCs *except* in cases where the term is specifically identified as non-Internet.
For example, an IDOC might mention "BCA" (see: brand certification authority) or "baggage" as an example of some concept; in that case, the document should specifically say "SET(trademark) BCA" or "SET(trademark) baggage" and include the definition of the term.
3.4. Type "D": Deprecated Terms and Definitions
If this Glossary recommends that a term or definition SHOULD NOT be used in IDOCs, then the entry is marked as type "D", and an explanatory note -- "Deprecated Term", "Deprecated Abbreviation", "Deprecated Definition", or "Deprecated Usage" -- is provided.
3.5. Definition Substitutions
Some terms have a definition published by a non-Internet authority -- a government (e.g., "object reuse"), an industry (e.g., "Secure Data Exchange"), a national authority (e.g., "Data Encryption Standard"), or an international body (e.g., "data confidentiality") -- that is suitable for use in IDOCs. In those cases, this Glossary marks the definition "N", recommending its use in Internet documents.
Other such terms have definitions that are inadequate or inappropriate for IDOCs. For example, a definition might be outdated or too narrow, or it might need clarification by substituting more careful wording (e.g., "authentication exchange") or explanations, using other terms that are defined in this Glossary. In those cases,
Shirey Informational [Page 8]
RFC 4949 Internet Security Glossary, Version 2 August 2007
this Glossary marks the entry "O", and provides an "I" or "N" entry that precedes, and is intended to supersede, the "O" entry.
In some cases where this Glossary provides a definition to supersede an "O" definition, the substitute is intended to subsume the meaning of the "O" entry and not conflict with it. For the term "security service", for example, the "O" definition deals narrowly with only communication services provided by layers in the OSIRM and is inadequate for the full range of IDOC usage, while the new "I" definition provided by this Glossary can be used in more situations and for more kinds of service. However, the "O" definition is also listed so that IDOC authors will be aware of the context in which the term is used more narrowly.
When making substitutions, this Glossary attempts to avoid contradicting any non-Internet authority. Still, terminology differs between authorities such as the American Bar Association, OSI, SET, the U.S. DoD, and other authorities; and this Glossary probably is not exactly aligned with any of them.