This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
- Previous message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
- Next message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Denis Walker
denis at ripe.net
Tue Nov 9 19:15:06 CET 2010
James Davis wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 09/11/10 16:15, Florian Weimer wrote: > > >> It seems to me that this statement is at odds with the current >> documentation. It also does not match my own recollection of history. >> Neither FIRST nor the Trusted Introducer framework restricted their >> membership to those who handle incidents of a particular significance >> or had a certain type of constituency. >> > > Seconded. > > I can't speak for all CSIRT teams, most would consider it to be a usual > part of the remit of an IRT, and would consider a team that only dealt > with abuse as a specialized IRT (even if the team in question doesn't > call itself an IRT). > Then perhaps as a parallel activity we need to (re)define what an IRT object is now. Looking at some historical and current documents: http://www.ripe.net/ripe/docs/ripe-254.html http://www.ripe.net/db/support/security/irt/irt-h2.html http://www.ripe.net/db/support/security/irt/faq.html http://www.ripe.net/db/support/update-reference-manual.html#1.2.9 they talk a lot about accredited CSIRT teams and using secure email correspondence. The RIPE NCC no longer validates CSIRT teams creating IRT objects. Use of PGP keys is all optional now. Does an end user with a PI prefix represent a CSIRT team? Does Abuse Handler mean the same thing? Do we still have Trusted Introducer accredited teams with IRT objects maintained on their behalf? The documentation is very much out of step with the way IRT objects are created and used and what they mean now. Regards Denis Walker Business Analyst RIPE NCC Database Group > James > > - -- > James Davis +44 1235 822229 PGP: 0xD1622876 > Senior CSIRT Member 0300 999 2340 (+44 1235 822340) > Lumen House, Library Avenue, Didcot, Oxfordshire, OX11 0SG > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkzZd3EACgkQhZi14NFiKHaHgACfb8HzBuDVL9XrH+SiDSkysEXb > /qEAn3vZ1mFJZTV+ERqzt8RBT5yuWiRl > =Muo6 > -----END PGP SIGNATURE----- > > JANET(UK) is a trading name of The JNT Association, a company limited > by guarantee which is registered in England under No. 2881024 > and whose Registered Office is at Lumen House, Library Avenue, > Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG > > >
- Previous message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
- Next message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]