
The Security Incident Response Handbook for the eduGAIN service has been developed by the REFEDS Sirtfi Working Group, in collaboration with the eduGAIN Security Team. The document defines the roles and responsibilities of each party taking part in the Security Incident Response process, that is, when a Federation Participant suspects that a security incident affects its resources and has reason to believe that Federation Participants outside its origin federation may be affected. The groups are now seeking feedback on this document.

...


Line Number / Reference | Comment or change proposal | Proposer / Affiliation | Action / Decision (please leave blank)

162-165

The process described in item 10 is ambiguous and could be misinterpreted to imply a wider distribution of the lessons learned document, and also to not distribute it to organisations which use TLP without full SIRTFI. I therefore suggest the current paragraph is replaced with:

"In collaboration with your Federation Operator, produce a report of the incident labelled with TLP:AMBER or higher which includes lessons learned and actions taken, and share to affected organisations which are SIRTFI-compliant or that support the TLP, within one month of resolution of the incident."

Alex Stuart (Jisc)