Guidelines and Recommendations for Security Incident Processing

IETF Working Group GRIP

Last Modified: 16-Nov-99

Please note: This is only a copy of the actual charter on the archive site of the GRIP working group. Please refer to the following URLs for up to date information:

Navigation board from the IETF web server:


Barbara Fraser <>
Klaus P. Kossakowski <>

Operations and Management Area Director(s):

Randy Bush <>
Bert Wijnen <>

Operations and Management Area Advisor:

Randy Bush <>

Mailing Lists:

General Discussion:
To Subscribe:

Description of Working Group:

The full name of this working group is Guidelines and Recommendations for Security Incident Processing.

This working group is co-chartered by the Security Area.

The purpose of the GRIP Working Group is to provide guidelines and recommendations to facilitate the consistent handling of security incidents in the Internet community. Guidelines will address technology vendors, network service providers and response teams in their roles assisting organizations in resolving security incidents. These relationships are functional and can exist within and across organizational boundaries.

The working group will produce a set of documents:

  1. Guidelines for security incident response teams (IRT).

  2. Guidelines for internet service providers (ISP) consisting of three documents covering the following topics:

  3. Guidelines for vendors (technology producers).

Goals and Milestones:

Mar 99   Submit Expectations for ISPs as an Internet-Draft
Mar 99   Submit Consumer Checklist on ISPs as an Internet-Draft
Mar 99   Submit Internet-Draft on security guidelines for technology providers
Mar 99   Submit Roadmap document as an Internet-Draft
May 99   Submit Revisions to three major I-Ds
Jun 99   Submit ISP documents to IESG for consideration as a BCP RFC
Jul 99   Submit revision to guidelines for technology providers as an I-D
Jul 99   Meet at IETF in Oslo
Sep 99   Submit final verion of guidelines for technology providers Internet-Draft
Oct 99   Submit guidelines for technology providers to IESG for consideration as a BCP RFC


Request For Comments:

Minutes of previous Meetings:

Jul 9430th IETFToronto, Canada
Dec 9431st IETFSan Jose, Calif.
Apr 9532nd IETFDanvers, Mass.
Jul 9533rd IETFStockholm, Sweden
Dec 9534th IETFDallas, Tex.
Mar 9635th IETFLos Angeles, Calif.
Jun 9636th IETFMontreal, Canada
Apr 9738th IETFMemphis, Tenn.
Aug 9739th IETFMunich, Germany
Dec 9740th IETFWashington, DC.
Mar 9841st IETFLos Angeles, Calif.
Dec 9843rd IETFOrlando, Fl.
Mar 9944th IETFMinneapolis, Minn.
Jul 9945th IETFOslo, Norway
Nov 9946th IETFWashington, DC

Please send questions, comments, and/or suggestions regarding the GRIP working group to the open mailing list

All issues regarding these web pages should be directed to

These pages are hosted on and are provided on an "AS IS" basis without any explicite or implicite responsibility, liability, etc. (For a more fully understanding please refer to the legal statements within the Impressum, which is only available in German.)