• 
• Home
• About the IETF
• Mission
• Standards Process
• Note Well
• NomCom
• Blog
• Info for Newcomers
• Internet-Drafts
• Datatracker
• Search
• Submit
• RFC Pages
• Search RFC Ed Index
• RFC Editor Queue
• IANA Pages
• Protocol Parameters
• Working Groups
• WG Charters
• Email Lists
• WG Chairs' Page
• Resources
• Community Tools
• Tools Team Pages
• Edu Team Pages
• Tutorials
• Wikis
• Meetings
• Upcoming Meetings
• Past Meetings
• Interim Meetings
• Important Dates
• Proceedings
• Mailing Lists
• Announcement Lists
• Discussion Lists
• Non-WG Lists
• IESG
• Announcements
• Statements
• Members
• Minutes
• IPR
• IPR Policy
• File a Disclosure
• Disclosure Search
• Liaisons
• Liaison Statements
• Liaison Managers
• Contact
• IETF Secretariat^®
• Media
• Subpoenas
• Report Web Site Errors
• Customize View
  
• Brief
• Normal
• Extended
• Advanced
• (Requires Javascript)

G & R for Security Incident Processing (grip)

---

In addition to this official charter maintained by the IETF Secretariat, there is additional information about this working group on the Web at:

Additional GRIP Page

---

Last Modified: 31-Jul-01

Chair(s):

Barbara Fraser <byfraser@cisco.com>
K.P. Kossakowski <klaus-peter@kossakowski.de>

Operations and Management Area Director(s):

Randy Bush <randy@psg.com>
Bert Wijnen <bwijnen@lucent.com>

Operations and Management Area Advisor:

Randy Bush <randy@psg.com>

Mailing Lists:

General Discussion:grip-wg@uu.net
To Subscribe: grip-wg-request@uu.net
Archive: http://www-ext.eng.uu.net/grip-wg/grip-wg.txt

Description of Working Group:

The full name of this working group is Guidelines and Recommendations for Security Incident Processing.

This working group is co-chartered by the Security Area.

The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers and response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries.

The working group will produce a set of documents:

1) Guidelines for security incident response teams (IRT).

2) Guidelines for internet service providers (ISP) consisting of three documents covering the following topics:

* Expectations on how ISPs will coordinate with each other and IRTs in incident handling

* Consumer Checklist on ISPs

* Site Security Handbook (SSH) Addendum for ISPs

3) Guidelines for vendors (technology producers).

Goals and Milestones:

Mar 99		Submit Expectations for ISPs as an Internet-Draft
Mar 99		Submit Consumer Checklist on ISPs as an Internet-Draft
Mar 99		Submit Internet-Draft on security guidelines for technology providers
Mar 99		Submit Roadmap document as an Internet-Draft
May 99		Submit Revisions to three major I-Ds
Jun 99		Submit ISP documents to IESG for consideration as a BCP RFC
Jul 99		Submit revision to guidelines for technology providers as an I-D
Jul 99		Meet at IETF in Oslo
Sep 99		Submit final verion of guidelines for technology providers Internet-Draft
Oct 99		Submit guidelines for technology providers to IESG for consideration as a BCP RFC

No Current Internet-Drafts

Request For Comments:

Expectations for Computer Security Incident Response (RFC 2350) (86554 bytes)
Recommended Internet Service Provider Security Services and Procedures (RFC 3013) (27905 bytes)
Guidelines for Evidence Collection and Archiving (RFC 3227) (18468 bytes)

---

Home - Tools Team - Datatracker - Web Site Usage Stats - IASA - IAB - RFC Editor - IANA - IRTF - IETF Trust - ISOC - IETF Journal - Store - Contact Us
Secretariat services provided by Association Management Solutions, LLC (AMS).
Please send problem reports to: ietf-action@ietf.org.