G & R for Security Incident Processing (grip)
---------------------------------------------

 Charter
 Last Modified: 01/03/2002

 Current Status: Concluded Working Group

 Chair(s):
     Barbara Fraser  <byfraser@cisco.com>
     K.P. Kossakowski  <klaus-peter@kossakowski.de>

 Operations and Management Area Director(s):
     Randy Bush  <randy@psg.com>
     Bert Wijnen  <bwijnen@lucent.com>

 Operations and Management Area Advisor:
     Randy Bush  <randy@psg.com>

 Mailing Lists: 
     General Discussion:grip-wg@uu.net
     To Subscribe:      grip-wg-request@uu.net
     Archive:           http://www-ext.eng.uu.net/grip-wg/grip-wg.txt

Description of Working Group:

The full name of this working group is Guidelines and Recommendations 
for Security Incident Processing.

This working group is co-chartered by the Security Area.

The purpose of the GRIP Working Group is to provide guidelines and
recommendations to facilitate the consistent handling of security 
incidents in the Internet community. Guidelines will address technology 
vendors, network service providers and response teams in their roles 
assisting organizations in resolving security incidents. These 
relationships are functional and can exist within and across 
organizational boundaries.

The working group will produce a set of documents:

1) Guidelines for security incident response teams (IRT).

2) Guidelines for internet service providers (ISP) consisting of three
   documents covering the following topics:

   * Expectations on how ISPs will coordinate with each other and IRTs  
     in incident handling

   * Consumer Checklist on ISPs

   * Site Security Handbook (SSH) Addendum for ISPs

3) Guidelines for vendors (technology producers).

 Goals and Milestones:

   MAR 99       Submit Expectations for ISPs as an Internet-Draft 

   MAR 99       Submit Consumer Checklist on ISPs as an Internet-Draft 

   MAR 99       Submit Internet-Draft on security guidelines for technology 
                providers 

   MAR 99       Submit Roadmap document as an Internet-Draft 

   MAY 99       Submit Revisions to three major I-Ds 

   JUN 99       Submit ISP documents to IESG for consideration as a BCP RFC 

   JUL 99       Submit revision to guidelines for technology providers as 
                an I-D 

   JUL 99       Meet at IETF in Oslo 

   SEP 99       Submit final verion of guidelines for technology providers 
                Internet-Draft 

   OCT 99       Submit guidelines for technology providers to IESG for 
                consideration as a BCP RFC 


 Internet-Drafts:

  No Current Internet-Drafts.

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC2350BCP  JUN 98    Expectations for Computer Security Incident Response 

RFC3013BCP  DEC 00    Recommended Internet Service Provider Security 
                       Services and Procedures 

RFC3227BCP  FEB 02    Guidelines for Evidence Collection and Archiving