IETF August 1998 Proceedings

G and R for Security Incident Processing (grip)

This Working Group Did Not Meet

NOTE: This charter is a snapshot of the 42nd IETF Meeting in Chicago, Illinois. It may now be out-of-date. Last Modified: 07-Apr-98

Chair(s):

Louis Mamakos <louie@uu.net>
Barbara Fraser <tlt@cert.org>
K.P. Kossakowski <kpk@cert.dfn.de>

Operations and Management Area Director(s):

Harald Alvestrand <Harald.Alvestrand@maxware.no>
Bert Wijnen <wijnen@vnet.ibm.com>

Operations and Management Area Advisor:

Harald Alvestrand <Harald.Alvestrand@maxware.no>

Mailing Lists:

General Discussion:grip-wg@uu.net
To Subscribe: grip-wg-request@uu.net
Archive:

Description of Working Group:

The full name of this working group is Guidelines and Recommendations for Security Incident Processing.

This working group is co-chartered by the Security Area.

The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers, response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries.

The working group will produce two quality documents:

1) Guidelines for security incident response teams.

2) Guidelines for vendors (this will include both technology producers and network service providers).

Goals and Milestones:

Feb 95



Produce document describing problem statement and document taxonomy/vocabulary. Also cite the Site Security Handbook documents to make clear the relationship and scope between the two working groups and documents.

Feb 95



Produce draft outline for remainder of Response Team Document.

Done



Meet at Danvers IETF to review full Internet-Draft of Response Team Document.

Jun 95



Produce Internet-Draft on Guidelines for vendors.

Jun 95



Produce final version of Response Team Internet-Draft.

Done



Meet at Stockholm IETF. Review vendor Guideline Internet-Draft.

Sep 95



Produce final version of Vendor Guideline Internet-Draft. Submit to IESG for review.

Internet-Drafts:

· Security Expectations for Internet Service Providers

Request For Comments:

RFC

Status

Title

RFC2350

Expectations for Computer Security Incident Response


RFC	Status	Title

RFC2350		Expectations for Computer Security Incident Response