...
The Security Incident Response Handbook for the eduGAIN service has been developed by the REFEDS Sirtfi Working Group, in collaboration with the eduGAIN Security Team. The document defines the roles and responsibilities of each party taking part in the Security Incident Response process, that is, when a Federation Participant suspects that a security incident affects its resources and has reason to believe that Federation Participants outside its origin federation may be affected. The groups are now seeking feedback on this document.
...
Line Number / Reference | Comment or change proposal | Proposer / Affiliation | Action / Decision (please leave blank)
---|---|---|---
162-165 | The process described in item 10 is ambiguous and could be misinterpreted to imply a wider distribution of the lessons learned document, and also to not distribute it to organisations which use TLP without full SIRTFI. I therefore suggest the current paragraph is replaced with: "In collaboration with your Federation Operator, produce a report of the incident labelled with TLP:AMBER or higher which includes lessons learned and actions taken, and share to affected organisations in all federations which are SIRTFI-compliant or that support the TLP, within one month of resolution of the incident." | Alex Stuart (Jisc) |
194-197 | Change wording of item 8 in Federation Operators' procedures to match that in item 10 of the Federation Participants' procedures, as in the previous change proposal. | Alex Stuart (Jisc) |