BCPs are stable identifiers for Best Current Practices. A BCP may consist of a single RFC or a group of RFCs related to a specific IETF process or recommended guidelines. The collection may become empty as the BCP evolves.
RFC 2350: BCP 21: Expectations for Computer Security Incident Response
Best Current Practice
- N. Brownlee
- E. Guttman
- June 1998
- IETF publication
- Operations and Management Area
Abstract
The purpose of this document is to express the general Internet
community's expectations of Computer Security Incident Response
Teams (CSIRTs). It is not possible to define a set of requirements
that would be appropriate for all teams, but it is possible and
helpful to list and describe the general set of topics and issues
which are of concern and interest to constituent communities.
CSIRT constituents have a legitimate need and right to fully
understand the policies and procedures of 'their' Computer Security
Incident Response Team. One way to support this understanding is to
supply detailed information which users may consider, in the form of
a formal template completed by the CSIRT. An outline of such a
template and a filled in example are provided.
Abstract
The purpose of this document is to express the general Internet
community's expectations of Computer Security Incident Response
Teams (CSIRTs). It is not possible to define a set of requirements
that would be appropriate for all teams, but it is possible and
helpful to list and describe the general set of topics and issues
which are of concern and interest to constituent communities.
CSIRT constituents have a legitimate need and right to fully
understand the policies and procedures of 'their' Computer Security
Incident Response Team. One way to support this understanding is to
supply detailed information which users may consider, in the form of
a formal template completed by the CSIRT. An outline of such a
template and a filled in example are provided.