Appendix A - Version 1.32, 27 April 2005
========================================

Standard definitions taken from the IETF approach [RFC2119]

MUST    This word, or the terms "REQUIRED" or "SHALL", mean that the
        definition is an absolute requirement of the specification.

SHOULD  This word, or the adjective "RECOMMENDED", mean that there may
        exist valid reasons in particular circumstances to ignore a
        particular item, but the full implications must be understood
        and carefully weighed before choosing a different course.

Appendix A to The FIRST membership process:
===========================================

Basic Set of Information
========================

The basic set of information consists of three parts: one mandatory and
one optional part are related to the team itself; the other mandatory
part is related to the task of FIRST.

I. Mandatory Fields describing the Team
=======================================

1. Team Name

   - Official team name:
   - Short team name (Acronym):
   - Host organization (if the team is decentralised, list all host
     organizations):
   - Country the team is located in (if multiple offices exist, list
     all countries):
   - Date of establishment:

2. Constituency

   - Type of constituency (vendor customer base, internal to host
     organization, ISP customer base, major service provider, or ...):
   - Description of constituency:
   - Internet domain and/or IP address information describing the
     constituency:
   - All countries in which constituency members are located:

3. Team Contact Information

   - Regular telephone number (country code, telephone number, timezone
     relative to GMT):
   - Emergency telephone number (country code, telephone number,
     timezone relative to GMT):
   - Email address:
   - Facsimile number (country code, telefax number):
   - Other telecommunication facilities:
   - Postal address:
   - Invoice address (mandatory):
   - Aliases to be included in the FIRST mailing lists:
     - FIRST-REPS mailing list - first-reps@first.org (mandatory):
       Recommendation: "first-rep@your.domain"
       Email Address:
     - FIRST-TEAMS mailing list - first-teams@first.org (mandatory):
       Recommendation: "first-team@your.domain"
       Email Address:

4. FIRST Representative

   - Name of person representing the team:
   - Contact information:

5. Team Members

   - Names, contact information and PGP keys of other team members
     (If approved by the MC and the SC, teams can be allowed to only
     list certain members. At least one member in addition to the
     FIRST Representative MUST be named anyway.):

6. References

   - FIRST sponsors:
   - Track record of working relationships with other teams:

7. Services

   - Specify available reactive services, using the following list
     (removing or adding to it):
     - Alerts and Warnings
     - Incident Handling
       - Incident analysis
       - Incident response on site
       - Incident response support
       - Incident response coordination
     - Vulnerability Handling
       - Vulnerability analysis
       - Vulnerability response
       - Vulnerability response coordination
     - Artifact Handling
       - Artifact analysis
       - Artifact response
       - Artifact response coordination
     - Forensic analysis
   - Specify available proactive services, using the following list
     (removing or adding to it):
     - Announcements
     - Technology Watch
     - Security Audits or Assessments
     - Configuration and Maintenance of Security Tools, Applications,
       and Infrastructures
     - Development of Security Tools
     - Intrusion Detection Services
     - Security-Related Information Dissemination
   - Specify security quality management services, using the following
     list (removing or adding to it):
     - Risk Analysis
     - Business Continuity and Disaster Recovery Planning
     - Security Consulting
     - Awareness Building
     - Education/Training
     - Product Evaluation or Certification

8. Information handling policy

   - How is incoming information "tagged" or "classified"?
   - How is information handled, especially with regards to
     exclusivity?
   - What considerations are adopted for the disclosure of information
     ("when what?"), especially incident related information passed on
     to other teams or to sites?
   - Are there legal considerations to take into account with regards
     to the information handling?

9. Cryptography

   - Policy on use of cryptography to shield exclusivity & integrity in
     archives and/or in data communication, especially e-mail.
   - This policy must include possible legal boundary conditions such
     as key escrow or enforceability of decryption in case of lawsuits.
   - If encrypted e-mail is possible, then at least provide:
     - PGP key of Team Representative (mandatory):
     - PGP key of Team:
     - PGP key of Team Members:
   - Provision of X.509 certificates (for S/MIME and other purposes) is
     optional:

II. Optional Fields describing the Team
=======================================

10. Business Hours

    - Description of business hours:
    - Procedures for contacting the teams outside business hours:

11. Technical Expertise

    - Operating Systems:
    - System Platforms:
    - Networks:
    - ...

12. Contact Information for Constituency / Host Organization

    - Contact information for person/organization representing the
      constituency:
    - Contact information for person representing the host
      organization:

13. PGP Key Revocation Certificates

    - Key Revocation Certificates for previously distributed PGP keys:

14. Information Server

    - WWW server:
    - Mailing lists:
    - (Anon)FTP server:
    - NetNews:
    - ...

III. Mandatory Fields describing the actions of FSS
===================================================
(to be filled out by FSS!)
==========================

1. Classification

   - Actual classification ("applying" / "confirmed" / "pending" /
     "terminated"):
   - Date of first classification:
   - Date of last classification change:
   - Previous classification ("applying" / "confirmed" / "pending"):
   - Reason for last classification change:

2. Status Updates

   - Date of last verification:
   - Method of last verification:
   - Date of last change announcement received from the team:

3. Open Issues

   - List of open issues (date of issue recognized, description,
     approach taken):

4. History

   - List of all actions carried out in regard to the mandatory and
     optional fields describing the team (for each action the entry
     will give date and person):