[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: updated charter
Here's the text version of the draft. It's not very pretty but I think
you'll be able to review it. I'll cc the list in case others would prefer
this format.
Barb
[Image][Image][Image][Image][Image][Image][Image][Image][Image][Image][Image
][Image]
------------------------------------------------------------------------
G and R for Security Incident Processing (grip)
Last Modified: 28-Jan-99
Chair(s):
Barbara Fraser <byf@cert.org>
K.-P. Kossakowski <klaus-peter@kossakowski.de>
Operations and Management Area Director(s):
Harald Alvestrand <Harald.Alvestrand@maxware.no>
Bert Wijnen <wijnen@vnet.ibm.com>
Operations and Management Area Advisor:
Harald Alvestrand <Harald.Alvestrand@maxware.no>
Mailing Lists:
General Discussion:<grip-wg@uu.net>
To Subscribe: <grip-wg-request@uu.net>
Archive: http://www-ext.eng.uu.net/grip-wg/grip-wg.txt
Description of Working Group:
The full name of this working group is Guidelines and Recommendations for
Security Incident Processing.
This working group is co-chartered by the Security Area.
The purpose of the GRIP Working Group is to provide guidelines and
recommendations to facilitate the consistent handling of security incidents
in the Internet community. Guidelines will address technology vendors,
network service providers and response teams in their roles assisting
organizations in resolving security incidents. These relationships are
functional and can exist within and across organizational boundaries.
The working group will produce a set of documents:
1) Guidelines for security incident response teams (IRT).
2) Guidelines for internet service providers (ISP) consisting of three
documents covering the following topics:
* Expectations on how ISPs will coordinate with each other and IRTs in
incident handling
* Consumer Checklist on ISPs
* Site Security Handbook (SSH) Addendum for ISPs
3) Guidelines for vendors (technology producers).
Goals and Milestones:
March 98 "Expectations for Security Incident Response" submitted done
to IESG
May 98 "Expectations for Security Incident Response" accepted done
as Best Current Practice
June 98 "Expectations for Security Incident Response" published done
as RFC 2350
Februrary 99Split actual draft on ISPs (grip-isp-07) into three new
drafts reflecting the new outline and incorporate
comments from December 98 meeting:
* Expectations for ISPs
* Consumer Checklist on ISPs
* SSH Addendum for ISPs
Create new version of actual draft as grip-isp-08 to
provide readers with a roadmap through the new drafts.
Release new versions of all for grip-isp-... drafts.
February 99 Put all previous discussion results about the document
for technology providers into a first draft.
March 99 Meet during the IETF.
Discuss latest versions of all grip-isp-... documents.
Discuss draft document for technology provider.
May 99 Incorporate comments from April meeting into the
discussed versions of all grip-isp-... documents as
appropriate.
Release all versions for WG last call.
Second draft of technology provider document grip-tp-01.
June 99 Submit all current drafts of the grip-isp-... documents
to the IESG for consideration as Best Current Practice.
July 99 Second draft of technolgy provider document grip-tp-02.
August 99 Meeting during the IETF.
Discuss latest version of grip-tp-... documents.
September 99Incorporate comments from August meeting into the
discussed version of the grip-tp-... document.
Release versions for working group last call.
October 99 Submit current draft of the grip-tp-... document to the
IESG for consideration as Best Current Practice.
Internet-Drafts:
Security Expectations for Internet Service Providers (60667 bytes)
Request For Comments:
Expectations for Computer Security Incident Response (RFC 2350) (86545
bytes)
------------------------------------------------------------------------
IETF Secretariat - Please send questions, comments, and/or suggestions to
ietf-web@ietf.org.
[Image] Return to working group directory.
[Image] [Image] Return to IETF home page.