NOTE: This charter is a snapshot of the 46th IETF Meeting in Washington, DC. It may now be out-of-date. Last Modified: 29-Sep-99
Chair(s):
Barbara Fraser <byf@cert.org>
K.P. Kossakowski <kpk@work.de>
Operations and Management Area Director(s):
Randy Bush <randy@psg.com>
Bert Wijnen <wijnen@vnet.ibm.com>
Operations and Management Area Advisor:
Randy Bush <randy@psg.com>
Mailing Lists:
General Discussion:grip-wg@uu.net
To Subscribe: grip-wg-request@uu.net
Archive: http://www-ext.eng.uu.net/grip-wg/grip-wg.txt
Description of Working Group:
The full name of this working group is Guidelines and Recommendations for Security Incident Processing.
This working group is co-chartered by the Security Area.
The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers and response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries.
The working group will produce a set of documents:
1) Guidelines for security incident response teams (IRT).
2) Guidelines for internet service providers (ISP) consisting of three documents covering the following topics:
* Expectations on how ISPs will coordinate with each other and IRTs in incident handling
* Consumer Checklist on ISPs
* Site Security Handbook (SSH) Addendum for ISPs
3) Guidelines for vendors (technology producers).
Goals and Milestones:
Mar 99 |
|
Submit Expectations for ISPs as an Internet-Draft |
Mar 99 |
|
Submit Consumer Checklist on ISPs as an Internet-Draft |
Mar 99 |
|
Submit Internet-Draft on security guidelines for technology providers |
Mar 99 |
|
Submit Roadmap document as an Internet-Draft |
May 99 |
|
Submit Revisions to three major I-Ds |
Jun 99 |
|
Submit ISP documents to IESG for consideration as a BCP RFC |
Jul 99 |
|
Submit revision to guidelines for technology providers as an I-D |
Jul 99 |
|
Meet at IETF in Oslo |
Sep 99 |
|
Submit final verion of guidelines for technology providers Internet-Draft |
Oct 99 |
|
Submit guidelines for technology providers to IESG for consideration as a BCP RFC |
Internet-Drafts:
· Security Expectations for Internet Service Provider Consumers
Request For Comments:
RFC |
Status |
Title |
RFC2350 |
Expectations for Computer Security Incident Response |
GRIP Working Group Minutes
Prepared by: David Blumenstein
This working group met once during the Nov 99 IETF meeting. The agenda covered each of the three documents currently under development by the group. The goal of the group is to complete all documents by the end of the year. We don't expect to need a meeting in Adelaide.
1. draft-ietf-grip-isp-expectations-01.txt
The editor was unable to complete a new draft after the Oslo meeting. He has said he'll have a new one out in the next three weeks.
2. draft-ietf-grip-ssh-add-00.txt
Tristan posted a draft to IDs but was unable to attend the meeting and receive critique. Peter Kossakowski had some comments on the document that he will send to the list. The group was encouraged to review the draft and send comments to the list as well. We hope to have a final draft by the end of the year.
3. draft-ietf-grip-user-02.txt
Tony has completed the changes identified at the Oslo meeting but he was not able to make the ID cut-off date. He reviewed the changes he had made and said he'd have the new draft out as soon as drafts are being accepted again. There was no additional comments regarding the document although it was noted that the review in Oslo didn't get all the way through the document. So, once the new draft is posted, the group needs to carefully review it in its entirity.
Tony mentioned making the following changes to the security policy section:
- Inbound security incidents, for each instance at what cost or charge to the consumer
- Notification of vulnerabilities that may affect YOU not the rest of the world
- Timeliness of reporting on behalf of the ISP to you and its customer base
- How is info sent to ISP, security concerns (encryption, SSH, etc...)
- Provision of reference customers - those experiencing favorable security instances is voluntary
goal: done by the end of the year
co-editing of document to be handled by Manos Megagiannis
None received.