<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: DANTE CERT Service

I am very surprised by this announcement. The service announced here
in in my opinion NOT a CERT service but a CERT coordination service.
I have some questions/remarks with this :
- How does this fit into the Concert-in-E proposal ??
- Such a european coordination body can only have success if :
   - it is supported by all the service providers in Europe. When dealing
     with security issues, you just can't differentiate between national
     research networks and commercial providers.
   - all service providers need to have trust into the provider of this
     service (sorry but I am afraid that this is not the case for DANTE).
   - there is only one such coordination service in Europe. You can't have
     several of such coordination centre. In that case you will miss 
     "the coordination".
- I am surprised that some organisation declares one-sided that it will
take on this role (even if "some" national networks have asked so). Normally
such a coordination task should be set up in cooperation with all the 
service providers in order to have success.
 
But probably I am just misreading the announcement and it doesn't has
anything to do with a CERT coordination Center. Please tell me the difference
in that case.

Best regards,

Stephan Biesbroeck
---
Stephan Biesbroeck                              Tel: +32(0)2-2383470
stephan@localhost                               Fax: +32(0)2-2315131
Service Support Team of the Belgian National Research Network, BELNET


Howard Davies wrote :

> DANTE is pleased to announce that, at the request of a number of
> national networks, it proposes to create a European level CERT
> service.

> The objectives of the DANTE CERT service will be:

>   -  co-ordination of incident handling between member CERTs and
>      with other incident response teams worldwide
>   -  co-ordination of technical assistance to member CERTs
>   -  maintenance of an information server on operational aspects
>      of computer security
>   -  assistance for the establishment of new CERTs
>   -  providing backup and support to resolve problems that cannot
>      be handled by a member CERT.

> The DANTE CERT service will build on the expertise and experience
> of the national CERTs that are already in place.  An important
> aspect of the organisational structure will be to minimise the
> overlap of activities and to ensure that all available resources
> are used in the optimum way.

> The DANTE CERT will participate fully in existing international
> bodies dealing with incident response and security.  Full
> membership of FIRST will be applied for.

> As is DANTE's normal practice, many of the operational components
> of the DANTE CERT activity will be sub-contracted; discussions on
> how best to do this are already taking place with organisations
> which are interested in carrying out this task.

> The DANTE CERT service is expected to be established early in
> 1995.  Its priority will be to serve the networking organisations
> in the European research community but other organisations may
> also subscribe.   Subscribing organisations will pay an annual fee
> which will be set as a function of size of the community that the
> organisation represents.

> Individuals who wish to be included on the mailing list for the
> announcement of further details should send a request in reply to
> this message

> Howard Davies

> HD(94)276
<<< Chronological >>> Author    Subject <<< Threads >>>