[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

updated charter



Enclosed you'll find an updated charter for the working group. Thanks to
Peter Kossakowski for providing the nice HTML format. The old charter has
been out of date almost since its inception so I know our area directors
will be very happy that we're finally updating it. Please take a look and
send any comments you may have. I plan to submit it to the secretariat
first thing next week.

Thanks,
Barbara
Title: G and R for Security Incident Processing (grip) Charter

G and R for Security Incident Processing (grip)

Last Modified: 28-Jan-99

Chair(s):

Barbara Fraser <byf@cert.org>
K.-P. Kossakowski <klaus-peter@kossakowski.de>

Operations and Management Area Director(s):

Harald Alvestrand <Harald.Alvestrand@maxware.no>
Bert Wijnen <wijnen@vnet.ibm.com>

Operations and Management Area Advisor:

Harald Alvestrand <Harald.Alvestrand@maxware.no>

Mailing Lists:

General Discussion:<grip-wg@uu.net>
To Subscribe: <grip-wg-request@uu.net>
Archive: http://www-ext.eng.uu.net/grip-wg/grip-wg.txt

Description of Working Group:

The full name of this working group is Guidelines and Recommendations for Security Incident Processing.

This working group is co-chartered by the Security Area.

The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers and response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries.

The working group will produce a set of documents:

1) Guidelines for security incident response teams (IRT).

2) Guidelines for internet service providers (ISP) consisting of three documents covering the following topics:

  • Expectations on how ISPs will coordinate with each other and IRTs in incident handling
  • Consumer Checklist on ISPs
  • Site Security Handbook (SSH) Addendum for ISPs

3) Guidelines for vendors (technology producers).

Goals and Milestones:

March 98 "Expectations for Security Incident Response" submitted to IESG done
May 98 "Expectations for Security Incident Response" accepted as Best Current Practice done
June 98 "Expectations for Security Incident Response" published as RFC 2350 done
Februrary 99 Split actual draft on ISPs (grip-isp-07) into three new drafts reflecting the new outline and incorporate comments from December 98 meeting:
  • Expectations for ISPs
  • Consumer Checklist on ISPs
  • SSH Addendum for ISPs
Create new version of actual draft as grip-isp-08 to provide readers with a roadmap through the new drafts.
Release new versions of all for grip-isp-... drafts.
February 99 Put all previous discussion results about the document for technology providers into a first draft.
March 99 Meet during the IETF.
Discuss latest versions of all grip-isp-... documents.
Discuss draft document for technology provider.
May 99 Incorporate comments from April meeting into the discussed versions of all grip-isp-... documents as appropriate.
Release all versions for WG last call.
Second draft of technology provider document grip-tp-01.
June 99 Submit all current drafts of the grip-isp-... documents to the IESG for consideration as Best Current Practice.
July 99 Second draft of technolgy provider document grip-tp-02.
August 99 Meeting during the IETF.
Discuss latest version of grip-tp-... documents.
September 99 Incorporate comments from August meeting into the discussed version of the grip-tp-... document.
Release versions for working group last call.
October 99 Submit current draft of the grip-tp-... document to the IESG for consideration as Best Current Practice.

Internet-Drafts:

Security Expectations for Internet Service Providers (60667 bytes)

Request For Comments:

Expectations for Computer Security Incident Response (RFC 2350) (86545 bytes)

IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.

Return to working group directory.

Return to IETF home page.