G & R for Security Incident Processing (grip)
This Working Group did not meet
NOTE: This charter is a snapshot of the 51st IETF Meeting in London, England. It may now be out-of-date. Last Modified: 31-Jul-01
Barbara Fraser <byfraser@cisco.com>
K.P. Kossakowski <klaus-peter@kossakowski.de>
Randy Bush <randy@psg.com>
Bert Wijnen <bwijnen@lucent.com>
Randy Bush <randy@psg.com>
General Discussion:grip-wg@uu.net
To Subscribe: grip-wg-request@uu.net
Archive: http://www-ext.eng.uu.net/grip-wg/grip-wg.txt
The full name of this working group is Guidelines and Recommendations for Security Incident Processing.
This working group is co-chartered by the Security Area.
The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers and response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries.
The working group will produce a set of documents:
1) Guidelines for security incident response teams (IRT).
2) Guidelines for internet service providers (ISP) consisting of three documents covering the following topics:
* Expectations on how ISPs will coordinate with each other and IRTs in incident handling
* Consumer Checklist on ISPs
* Site Security Handbook (SSH) Addendum for ISPs
3) Guidelines for vendors (technology producers).
Mar 99 |
|
Submit Expectations for ISPs as an Internet-Draft |
Mar 99 |
|
Submit Consumer Checklist on ISPs as an Internet-Draft |
Mar 99 |
|
Submit Internet-Draft on security guidelines for technology providers |
Mar 99 |
|
Submit Roadmap document as an Internet-Draft |
May 99 |
|
Submit Revisions to three major I-Ds |
Jun 99 |
|
Submit ISP documents to IESG for consideration as a BCP RFC |
Jul 99 |
|
Submit revision to guidelines for technology providers as an I-D |
Jul 99 |
|
Meet at IETF in Oslo |
Sep 99 |
|
Submit final verion of guidelines for technology providers Internet-Draft |
Oct 99 |
|
Submit guidelines for technology providers to IESG for consideration as a BCP RFC |
RFC |
Status |
Title |
RFC2350 |
Expectations for Computer Security Incident Response | |
RFC3013 |
Recommended Internet Service Provider Security Services and Procedures |