An IPsec is an IPSec is an IPSEC (Redux)

It's back: my rant about the way people spell, type, case, et. al. the word IPsec.  Yup, sounds petty, but everyone needs their own mountain to climb, and for me it's trying to change the way the world spells IPsec. 

My loyal readers will likely recall my previous rant/venting exercise (An IPsec is an IPSec is an IPSEC) where I pointed out this quest of mine.  Very recently, in the run up to RSA while I was working with my demo pod crew on our new Server and Domain Isolation demo, the discussion switched from the specifics of the demo to the spelling of IPsec.  Here's a snip of the thread from one of my colleagues (who shall remain nameless, but we can call him Pat since that's his first name):

"BTW, since Ian mentioned it and since we have some marketing Gods on here, why in the world are we using improper English when referring to IPsec. The term stands for Internet Protocol Security, to if you wanted to make a TLA out of this (or what is close to a TLA), it would be IPSec (capital S). So, why do we use a lower case “s”?"

Not quite sure who the "marketing Gods" are, but I will assume he is speaking of me and/or the other marketing guy on the thread.  The "since Ian mentioned it" bit refers to my request to the demo's developer to "please change the spelling of “IPSec” to “IPsec” (lowercase ‘s’) to match the official MS and IETF casing."  Ain't I a hoot?

Okay, I've stumped on this for a while and always pointed out facts like the "IETF made me do it" and then offer links to Microsoft and Wikipedia (aka the "People's-pedia") web pages that have the proper spelling. Well, just yesterday, during a similar yet unrelated attempt to address this spelling bee subject with another group, I came across a paragraph in a December 2005 RFC that provides the official stance on the way IPsec should be written:

"The spelling "IPsec" is preferred and used throughout this and all related IPsec standards. All other capitalizations of IPsec (e.g., IPSEC, IPSec, ipsec) are deprecated."

Yup, that's on page 3 of RFC 4301 entitled "Security Architecture for the Internet Protocol" from December 2005. Now, before you go out and say, "Hameroff, you just posted that RFC yourself!"  it was authored by two folks from BBN Technologies.  Not me. Not Microsoft.

Wow!  I'm not just tilting at Internet protocol naming windmills!  

I've even developed a handy PowerPoint mini-poster that has the above quote (with source information) in a format suitable for framing or flaming:

Please let me know if you'd like a copy.

Okay, okay.  I hear you.  Yes, the rest of that paragraph from page 3 of RFC 4301 states that "any capitalization of the sequence of letters "IPsec" should be understood to refer to the IPsec protocols."  It may be "acceptable" but it doesn't mean its the right way to go about it! 

Nonetheless, it's time to go distribute some IPsec mini-posters...

Comments (4)

  1. Anonymous says:

    Here’s a few interesting NAP links from the past several weeks: Network Access Protection: Configuration

  2. Anonymous says:

    I feel smarter for having read this. Thank god for I-P-S-E-C and Ian. :->

    – Jeff

  3. knarf says:

    Very good. Next step is to teach the people there are no millibits (mb) and there’s a huge difference between kb and KB.

  4. GrumpySteve says:

    Hello Ian

    Thank you for the useful summary.

    Here is a useful summary on why you should not use / in text:

    Top of the morning to you

Skip to main content