SIRCE: Action Needed !
- Date: Thu, 14 Nov 1996 16:36:22 +0100
Dear customers, dear colleagues,
I have received quite some questions in response to my funding call for
SIRCE. The following FAQ is a summary of the most popular ones.
Unfortunately the amount of funds committed so far is a bit
disappointing in the light of interest expressed earlier.
If people are unhappy about the proposal or any other aspect, please let
me know. We cannot fix it if we are not told.
Thanks for your consideration.
Daniel Karrenberg
Q: I have had no time to read all the documents; can you please
summarise what SIRCE is?
A: SIRCE is a *coordination* service for security incident handling in
Europe. SIRCE will *coordinate* the handling of incidents involving
more than one of its customers. The *handling* of the incidents itself
is performed by the organisations involved and *not* by SIRCE. In
addition SIRCE will provide general support services to enable its
customers to better handle security relevant incidents. The target
customers for SIRCE, as proposed by the NCC, are the European ISPs.
SIRCE services and policies will be geared towards ISP needs.
Q: Do I need to set up my own Incident Response Team (IRT) in order to
use SIRCE services.
A: No, you can continue handling incidents like you do at present.
SIRCE customers will just be asked to identify contact persons for
security incident handling coordination. If you wish, SIRCE will
provide support to set up an IRT or to otherwise improve your incident
handling capability.
Q: What makes SIRCE different from services like the CERT CC?
A: SIRCE has local focus because it concentrates on Europe and the ISPs
needs in particular. Of course SIRCE will coordinate on a global scale
through similar organisations like the CERT CC.
Q: Will SIRCE publish details or statistics about incidents in a way
that reveals that my organisation was involved?
A: No. Sirce will not publish details identifying customers involved
without explicit permission. While detailed policies about statistics
will be established with input from all customers during the pilot, we
do not expect to publish statistics revealing the incident rate of
individual customers.
Q: Will SIRCE disclose details about incidents and/or my operational
procedures to other customers?
A: No. Again the detailed policies will be developed during the pilot.
We expect these policies to be very conservative. They are likely to
prefer direct information exchange between customers handling an
incident if sensitive areas are involved.
Q: When will SIRCE start operating?
A: The project will start in Q1/97 and achieve initial incident
coordination capability 2-3 months later.
Q: What can I do to help make this happen?
A: Commit a contribution to the funding of pilot operations in 1997.
The minimum contribution is 500ECU. We are loking for an average of
around 1000 ECU. This commitment is for 1997 only and there is no
further obligation. Please use the form below for making commitments.
Q: What are the benefits if I contribute?
A: Direct benefits are preferred service, influence on policies and
public credit. An important indirect benefit is that security incidents
are well coordinated by an entity that looks after ISPs needs first.
Q: Am I bound to my commitment if TERENA decides to execute SIRCE
differently than proposed in ripe-150?
A: No. The commitment is specifically for the project proposed in
ripe-150. If a different proposal is preferred by TERENA, we will
provide information about it and it is up to you to decide whether you
want to get involved.
Q: Which total commitment is necessary for the NCC to do SIRCE?
A: The total budgeted expenditure in 1997 is 286kECU. The commitments
from the ISP community are needed both to raise the funds necessary for
a successful service and to document that the ISPs have a need for it.
If the total commitment by November 27th is less than 100kECU there is
not sufficient need and the NCC will withdraw. If there are commitments
for 150kECU or more the project can go ahead since we expect additional
commitments from new NCC customers and funds raised by TERENA. If the
total will be between 100kECU and 150kECU it will depend on the
distribution of the commitments.
Q: What commitments have been received to date?
A: Not many, especially when considering the interest expressed earlier.
The table below shows all commitments in the order we received them.
We will re-publish this list whenever it changes significantly.
regid org name commit (ECU)
se.pi pi.se AB Pontus Ekman 1000
at.aconet ACONET Wilfried Woeber 1000
es.rediris RedIRIS-CSIC Victor Castelo 1000
pl.cyfronet Academic Computer Centre, Karol Franczak 500
CYFRONET-KRAKOW
----
Total: 3500
====
Q: How can I get more information?
A: Document ripe-150 is the project proposal. ripe-149 is a position
paper arguing why the RIPE NCC should execute the project. The service
descriptions are in ftp://ftp.ripe.net/ripe/misc/cert-eu.ps. Further
questions can be addressed to Daniel Karrenberg
<Daniel.Karrenberg@ ripe.net>.
-----
Please send the form below to billing@localhost:
%START
%FORM [sirce9601]
I herby commit to contribute the ECU amount indicated to the
SIRCE pilot project as defined in ripe-150 and the documents
it refers to. I confirm that I have authority to commit
my organisation for this contribution. I expect to be invoiced
for this contribution as soon as the project will have started.
Please put information between the brackets.
Please give your full name.
%NAME [ ]
Please give your position in the organisation.
%POS [ ]
Specify the registry ID of your organisation if it has one.
%REGID [ ]
If you have *not* specified a registry ID above, please give the
full organisation name and billing address. We will contact
you for more details if necessary.
%ORGNAME [ ]
%ADDRESS [ ]
Committed amount in ECU. Minimum is ECU 500. Excludes VAT where applicable.
%AMOUNT [ ]
Any billing reference that you may wish to be mentioned on the invoice.
%BILLREF [ ]
%END