[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

agenda item: minor charter revision for INCH

To: iesg-secretary@ietf.org
Subject: agenda item: minor charter revision for INCH
From: Steve Bellovin <smb@research.att.com>
Date: Thu, 13 Nov 2003 15:55:20 -0500
Cc: iesg@ietf.org

Not sure if this makes the deadline or not, but I'll try; if not, it's 
for the next call...

------

The following are the charter changes to INCH necessary to support the 
rid draft (draft-moriarty-ddos-rid-05.txt).

[Drop the second paragraph of the Background section that starts with 
"There is a substantial amount of related work in the domain of TERENA 
..."]

[Replace the introductory paragraph of the Scope section with the 
following text]

The purpose of the Incident Handling (INCH) working group is to define a 
data format for exchanging security incident information used by a CSIRT.  
A CSIRT is defined broadly as an entity with a security role or 
responsibility in a given organization.  Often there is a communication 
and collaborating component.  Organizationally, a CSIRT might be a 
dedicated team in a network operations group, or a single individual with 
other responsibilities.

The primary use case for the INCH work is to standardize the the 
communication between a CSIRT and:

- its constituency (e.g., users, customers) reporting misuse; 
- parties involved in an incident (e.g., law enforcement, attacking 
site); or
- peer CSIRTs sharing information.

In doing such sharing, especially when action is being requested, due 
attention must be paid to authorization and privacy issues.


		--Steve Bellovin, http://www.research.att.com/~smb

Prev by Date: Re: Some slides for tonight
Next by Date: Re: Some slides for tonight
Previous by thread: How foolish of me... Plenary notes from last night
Next by thread: iesg@ietf.org mailing list reminder
Index(es):
- Date
- Thread