About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: EuroCERT Open Meeting, 12. January 1998., Milano

  • To: Piet Beertema <
    >
  • From: Don Stikvoort <
    >
  • Date: Tue, 14 Oct 1997 17:46:56 +0200
  • Address: Radboudburcht, P.O. Box 19035, 3501 DA Utrecht, NL
  • Cc:
    ,
    ,
    ,
    ,
    ,
  • Organisation: SURFnet bv
  • Phone: +31 302 305 305
  • Telefax: +31 302 305 329
-----BEGIN PGP SIGNED MESSAGE-----



==> From: Piet Beertema

Piet,

The answers given thus far to your remark (see below) were quite true, 
but they may not clarify the situation enough for everybody reading this. 
So I will bother you all again (some people more than once - myself 
included: 5 times...) with this clarification and hope it will be the 
last disturbance of the sort.

My answers, by the way, are non-authoritative, but true anyway :-)

FIRST is an all volunteer organisation, currently without membership 
fees - that answers part of your question: there is no big bucks involved 
here. FIRST aims at being a forum for all the computer security 
incident response teams (say, the CERTs) in the world. Currently 
FIRST serves appx 70 members, including NREN teams, commercial teams 
and -last but not least- vendor teams. Activities include a yearly PUBLIC 
conference, a PUBLIC webserver and mailinglists and regular technical 
colloquia open only to members. In order to become a FIRST member 
some requirements have to be met with regards to a.o. trustworthiness. 
If that would not be the case FIRST would not function as it is - and 
for IRTs (CERTs) FIRST is an important forum to meet other teams and 
relay information. If FIRST would be entirely open a lot of people 
who are now sharing valuable information - which e.g. goes into 
public security advisories - would stop doing that : that's just a 
fact of life. This applies to the technical colloquia especially: 
information about hitherto unknown or unused vulnerabilities can be 
discussed there - and would not be if the colloquia were open. Of 
course I am aware of other fora (like especially BUGTRAQ) where 
substantially different rules apply - but I see both the FIRST 
approach and the BUGTRAQ approach as necessary complementary ways to 
meet the same end: minimisation of information and network insecurity.
If anybody wants to discuss this topic, count me in, but please DO 
NOT BOTHER ALL LISTS ABOVE with this discussion - interesting though 
it is: pick an appropriate one or two.

EuroCERT is currently still a TERENA pilot (codename SIRCE) offering 
Incident Support services to its constituents - who DO pay money for 
those services by the way - and planning to offer Incident 
Coordination (i.e. CERT like) services starting somewhere in 1998 and 
gradually evolving to become a full blown coordinating IRT. 
EuroCERT's potential customer base is basically formed by all 
(potential) European IRTs, both commercial and NREN ones.  

Part of EuroCERT's Incident Support services was to take over the 
organisation of the appx yearly informal meetings of European IRTs 
which started in 1993 in Amsterdam and were organised by a.o. DFN-CERT, 
TERENA, Micro-BIT Virus Center and CERT-NL. EuroCERT has a paying 
customer base, but some services however are necessarily extended to 
also non paying customers - and the organisation of these open meetings 
was clearly one of them.

FIRST happens to organise a (closed) technical colloquium in Milano 
in January. Several attendants of those colloquia are also customers 
of EuroCERT or are associated with European IRTs. So it was a rather 
obvious idea of EuroCERT to try and organise the OPEN European
IRT meeting adjacent in time to the FIRST meeting - saving time and 
money for several people - and also enabling interested and  
valuable guests from US teams (like CERT Coordination Center) to be 
present. Having taken part in the discussions I know that also 
co-location (in time) with RIPE or TERENA meetings is considered 
for future events.

Hope to see several of you in Milano on the 12th of January, during 
an entirely open meeting for European IRTs and interested guests.

Best regards
Don Stikvoort
CERT-NL chairman

CERT-NL is the IRT for SURFnet ( the .nl NREN ).
CERT-NL is a member of FIRST and a customer of EuroCERT. 

>     This is an open meeting organized by EuroCERT with the intention
> 	       ^^^^
>     of gathering European Computer Incident Response Teams and other
>     interested parties together.
>     ...
>     This year the meeting is aligned with FIRST sponsored Technical
>     Colloquium and the meeting of the FIRST Steering Committees so it
>     will be opportunity to meet some of well established FIRST members
>     from teams worldwide.
> 
>     Note: Unfortunately non-FIRST members are not permitted to participate
>     in the Technical Colloquium
> 
> How comes? Are non-FIRST members considered technically
> incompetent? Is their input not considered worthwhile?
> Are non-FIRST members considered untrusted, and hence
> to be kept away from 'sensitive' information? Or is it
> because of the sponsoring, or to put it another way:
> money prevailing over valuable technical input from
> non-members? I wouldn't call that an "open" meeting...
> 
> 
> 	Piet





-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBNEOT7hhlzkA/+6mNAQHllwP6Aowqllyw4J0sxECY/6HqZ4tHIMsz0ZnI
ROYk58fPbJ7jDme44LqfWxkZ3WlpxLcfeWh0cSUyAelhvgb8LkA/xP84qb+Rz/2V
isLP8EcCo8hluV9UHKdqWuHlkmk/7EpZuR3eEB/tGUKKKpuk8i5VcD9dQwq7zAdp
uQag6ncArvg=
=SGK/
-----END PGP SIGNATURE-----
Post To The List:

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community