
  1. It is strongly recommended to use a dedicated email address for the security contact. 
  2. Where possible, use the NREN's security function (local CERT/CSIRT). We will also accept specific security capability for the federation service, if the organization has a proper procedure to deal with the communication.
  3. Notify the eduGAIN CSIRT [eduGAIN-CSIRT] <abuse@edugain.org>, which is the established security contact for the eduGAIN Service, in case of federated security incident and coordination, as required by the eduGAIN Security Incident Response Handbook [eduGAIN-SIRH].
  4. Respond to requests for assistance with a security incident from the eduGAIN CSIRT or other eduGAIN Participants in a timely manner. The recommended response time is half a business day.

  5. Respect the Traffic Light Protocol [TLP] information disclosure policy and use it during incident response communications (ref. https://www.first.org/tlp).

  6. The contact needs to expect that the eduGAIN CSIRT runs periodic communication checks which need to be handled as any other incident response communication.

[eduGAIN-CSIRT] https://edugain.org/edugain-security/

[eduGAIN-SIRH] https://wiki.refeds.org/download/attachments/44958353/eduGAIN%20Security%20Incident%20Response%20Handbook%20v1.0.pdf