43rd IETF, Orlando, Fl. - December 1998

Guidelines and Recommendations for Incident Processing (GRIP)

1. Modifying the draft

The current draft is draft-ietf-grip-isp-06.txt. It was posted to the GRIP mailing list on December 3rd, but is not yet available on the IETF ftp site because of the short notice.

Some people in the group think the current draft is too long and not well adapted to any one specific reader. The document therefore needs to be split into separate documents.

Three drafts will be created:

  1. Expectations of ISPs on other ISPs:
     ISP good citizenship: not just safeguarding one's own network, since incidents have an effect on the entire community. How ISPs need to behave.

  2. Consumer checklist, e.g.:

  3. SSH (Site Security Handbook) addendum for ISPs:


It was decided to take the table of contents of the current draft and assign each section to one or more of the three new drafts.

E = Expectations of ISPs
C = Consumer Checklist
S = SSH (Site Security Handbook) Addendum for ISPs
A = All three drafts

1. Introduction
A 1.1 Conventions Used in this Document
2. Incident Response
CSE 2.1 ISPs and Security Incident Response Teams (SIRTs)
SC 2.2 Assistance with Inbound Security Incidents
SC 2.3 Assistance with Outbound or Transit Security Incidents
E 2.4 Notification of Vulnerabilities and Reporting Incidents /affected customers/
SCE 2.5 Contact Information /availability/
E 2.6 Communication and Authentication /+ policy for sharing information/
SC 2.4 /Non-disclosure - disclosure of customer information/
3. Appropriate Use Policy
CE 3.1 Announcement of Policy /public/
CE 3.2 Sanctions
4. Protection of the Community
DELETE 4.1 Cooperation
ES 4.2 Data Protection /privacy + logs (compliance with government regulation; a balance has to be found that works all around the world)/
S 4.3 Training /- social engineering/
E 4.4 Registry Data Maintenance /balance; needs a consensus decision/
5. Network Infrastructure
/ask Manos for new ideas/
S 5.1 Routers
S 5.2 Switches, Terminal Servers, Modems and other Network Devices
S 5.3 Anonymous telnet and other unlogged connections
S 5.4 The Network Operation Centre (NOC) and Network Management
S 5.5 Physical Security
S 5.6 Routing Infrastructure
S 5.7 Ingress Filtering on Source Address
S 5.8 Egress Filtering on Source Address
S 5.9 Route Filtering
S 5.10 Directed Broadcast
6. Systems Infrastructure
S 6.1 Policy
S 6.2 System Management
S 6.3 Backup
S 6.4 Software Distribution
7. Domain Name Service (DNS)
CS 7.1 DNS Server Management
CS 7.2 Authoritative Domain Name Service
CS 7.3 Resolution Service /update to remove entries when no longer authoritative/
8. Email and Mail Services
8.1 Mail Server Administration
8.2 Secure Mail
E 8.3 Open Mail Relay
8.4 Message Submission
8.5 POP and IMAP Services /future availability & SMTP AUTH/
9. News Service (NNTP)
S 9.1 News Server Administration
S 9.2 Article Submission
S 9.3 Control Messages
S 9.4 Newsfeed Filters
10. Web-related Services
C 10.1 Webhosting Server Administration
10.2 Server Side Programs
10.3 Data and Databases
10.4 Logs and Statistics Reporting
10.5 Push and Streaming Services
10.6 Commerce
10.7 Content Loading and Distributed Authoring
10.8 Search Engines and other tools
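As an added illustration of the three packet-filtering items listed under section 5 (5.7 ingress filtering on source address, 5.8 egress filtering on source address, 5.10 directed broadcast), and not part of these minutes or of the draft itself, the following Python model shows what each check decides for a set of packets. The topology, the prefixes (documentation ranges such as 192.0.2.0/24 and 198.51.100.0/22), the interface names and the packet list are all constructed for this example.

```python
"""Model of edge source-address filtering and directed-broadcast blocking.

Added example, not code from the GRIP draft. Assumed (constructed) topology:
  - a customer link whose assigned block is CUSTOMER_PREFIX
  - an ISP whose address space is ISP_PREFIXES (customer block + own aggregate)
  - ATTACHED_SUBNETS are LANs directly connected to the edge router
Packets are (interface, src, dst) tuples with interface one of:
  "customer"     packet arriving from the customer (ingress filter, 5.7)
  "upstream_out" packet leaving toward the Internet (egress filter, 5.8)
  "upstream_in"  packet arriving from the Internet (directed-broadcast check, 5.10)
"""
import ipaddress
from typing import Iterable, List, Tuple

CUSTOMER_PREFIX = ipaddress.ip_network("192.0.2.0/24")
ISP_PREFIXES = [
    ipaddress.ip_network("192.0.2.0/24"),      # customer block, routed by the ISP
    ipaddress.ip_network("198.51.100.0/22"),   # ISP's own aggregate
]
ATTACHED_SUBNETS = [ipaddress.ip_network("198.51.100.0/24")]

# Addresses that must never appear as a packet source on any interface.
NEVER_SOURCES = [
    ipaddress.ip_network("0.0.0.0/8"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("224.0.0.0/4"),          # multicast
    ipaddress.ip_network("255.255.255.255/32"),   # limited broadcast
]


def _in_any(addr: ipaddress.IPv4Address, prefixes) -> bool:
    return any(addr in p for p in prefixes)


def ingress_decision(src: str) -> str:
    """5.7: on the customer-facing interface only the customer's own block may be a source."""
    a = ipaddress.ip_address(src)
    if _in_any(a, NEVER_SOURCES):
        return "drop: bogus source"
    if a not in CUSTOMER_PREFIX:
        return "drop: source not in customer prefix"
    return "permit"


def egress_decision(src: str) -> str:
    """5.8: on the upstream interface only addresses the ISP is responsible for may leave."""
    a = ipaddress.ip_address(src)
    if _in_any(a, NEVER_SOURCES):
        return "drop: bogus source"
    if not _in_any(a, ISP_PREFIXES):
        return "drop: source not in ISP prefixes"
    return "permit"


def directed_broadcast_decision(dst: str) -> str:
    """5.10: packets from outside addressed to an attached subnet's broadcast address are dropped."""
    a = ipaddress.ip_address(dst)
    if any(a == n.broadcast_address for n in ATTACHED_SUBNETS):
        return "drop: directed broadcast"
    return "permit"


def apply_policy(packets: Iterable[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str]]:
    """Run the check that belongs to each interface and return (iface, src, dst, verdict)."""
    out = []
    for iface, src, dst in packets:
        if iface == "customer":
            verdict = ingress_decision(src)
        elif iface == "upstream_out":
            verdict = egress_decision(src)
        elif iface == "upstream_in":
            verdict = directed_broadcast_decision(dst)
        else:
            verdict = "drop: unknown interface"
        out.append((iface, src, dst, verdict))
    return out


# Constructed sample traffic: legitimate packets plus spoofed sources and a smurf-style probe.
SAMPLE_PACKETS = [
    ("customer", "192.0.2.10", "203.0.113.5"),        # genuine customer traffic
    ("customer", "203.0.113.7", "198.51.100.9"),      # spoofed source from the customer link
    ("customer", "127.0.0.1", "198.51.100.9"),        # loopback as source: never valid
    ("upstream_out", "198.51.100.77", "203.0.113.5"), # ISP's own address leaving: fine
    ("upstream_out", "10.0.0.5", "203.0.113.5"),      # private source leaking out: drop
    ("upstream_in", "203.0.113.5", "198.51.100.255"), # directed broadcast at attached LAN
    ("upstream_in", "203.0.113.5", "198.51.100.7"),   # ordinary inbound packet
]


def dropped(packets=SAMPLE_PACKETS) -> List[Tuple[str, str, str, str]]:
    """Convenience: only the packets the policy rejects."""
    return [r for r in apply_policy(packets) if r[3] != "permit"]


if __name__ == "__main__":
    for row in apply_policy(SAMPLE_PACKETS):
        print("%-12s %-16s -> %-16s %s" % row)
```

The model captures the division of labour the three section titles imply: the customer-facing check knows only the customer's block, the upstream check knows the whole ISP aggregate, and the directed-broadcast check looks at destinations rather than sources. A real router expresses the same rules as interface access lists and a per-interface "no directed broadcast" setting rather than as Python.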
Overall Comments
/C: include something about understanding the impact of your requests/
/E (global): stay up to date with new secure methods as they become available/
/C: own platform or sharing with others/
Other subjects were discussed, such as the need for more than one legal authorization when an inquiry has to be carried out across more than one operator in order to trace a connection end-to-end.
Add /S 11 NTP to synchronise logs/

