G and R for Security Incident Processing (grip) ----------------------------------------------- Charter Last Modified: 27-Oct-97 Current Status: Active Working Group Chair(s): Louis Mamakos Barbara Fraser K.P. Kossakowski Operations and Management Area Director(s): John Curran Michael O''Dell Operations and Management Area Advisor: Michael O''Dell Mailing Lists: General Discussion:grip-wg@uu.net To Subscribe: grip-wg-request@uu.net Archive: Description of Working Group: The full name of this working group is Guidelines and Recommendations for Security Incident Processing. This working group is co-chartered by the Security Area. The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers, response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries. The working group will produce two quality documents: 1) Guidelines for security incident response teams. 2) Guidelines for vendors (this will include both technology producers and network service providers). Goals and Milestones: Feb 95 Produce document describing problem statement and document taxonomy/vocabulary. Also cite the Site Security Handbook documents to make clear the relationship and scope between the two working groups and documents. Feb 95 Produce draft outline for remainder of Response Team Document. Done Meet at Danvers IETF to review full Internet-Draft of Response Team Document. Jun 95 Produce Internet-Draft on Guidelines for vendors. Jun 95 Produce final version of Response Team Internet-Draft. Done Meet at Stockholm IETF. Review vendor Guideline Internet-Draft. Sep 95 Produce final version of Vendor Guideline Internet-Draft. Submit to IESG for review. Internet-Drafts: Posted Revised I-D Title ------ ------- ------------------------------------------ Sep 95 Sep 97 Expectations for Computer Security Incident Response Oct 97 New Security Expectations for Internet Service Providers Request For Comments: None to date.