-----BEGIN PGP SIGNED MESSAGE----- ==> From: Piet Beertema Piet, The answers given thus far to your remark (see below) were quite true, but they may not clarify the situation enough for everybody reading this. So I will bother you all again (some people more than once - myself included: 5 times...) with this clarification and hope it will be the last disturbance of the sort. My answers, by the way, are non-authoritative, but true anyway :-) FIRST is an all volunteer organisation, currently without membership fees - that answers part of your question: there is no big bucks involved here. FIRST aims at being a forum for all the computer security incident response teams (say, the CERTs) in the world. Currently FIRST serves appx 70 members, including NREN teams, commercial teams and -last but not least- vendor teams. Activities include a yearly PUBLIC conference, a PUBLIC webserver and mailinglists and regular technical colloquia open only to members. In order to become a FIRST member some requirements have to be met with regards to a.o. trustworthiness. If that would not be the case FIRST would not function as it is - and for IRTs (CERTs) FIRST is an important forum to meet other teams and relay information. If FIRST would be entirely open a lot of people who are now sharing valuable information - which e.g. goes into public security advisories - would stop doing that : that's just a fact of life. This applies to the technical colloquia especially: information about hitherto unknown or unused vulnerabilities can be discussed there - and would not be if the colloquia were open. Of course I am aware of other fora (like especially BUGTRAQ) where substantially different rules apply - but I see both the FIRST approach and the BUGTRAQ approach as necessary complementary ways to meet the same end: minimisation of information and network insecurity. If anybody wants to discuss this topic, count me in, but please DO NOT BOTHER ALL LISTS ABOVE with this discussion - interesting though it is: pick an appropriate one or two. EuroCERT is currently still a TERENA pilot (codename SIRCE) offering Incident Support services to its constituents - who DO pay money for those services by the way - and planning to offer Incident Coordination (i.e. CERT like) services starting somewhere in 1998 and gradually evolving to become a full blown coordinating IRT. EuroCERT's potential customer base is basically formed by all (potential) European IRTs, both commercial and NREN ones. Part of EuroCERT's Incident Support services was to take over the organisation of the appx yearly informal meetings of European IRTs which started in 1993 in Amsterdam and were organised by a.o. DFN-CERT, TERENA, Micro-BIT Virus Center and CERT-NL. EuroCERT has a paying customer base, but some services however are necessarily extended to also non paying customers - and the organisation of these open meetings was clearly one of them. FIRST happens to organise a (closed) technical colloquium in Milano in January. Several attendants of those colloquia are also customers of EuroCERT or are associated with European IRTs. So it was a rather obvious idea of EuroCERT to try and organise the OPEN European IRT meeting adjacent in time to the FIRST meeting - saving time and money for several people - and also enabling interested and valuable guests from US teams (like CERT Coordination Center) to be present. Having taken part in the discussions I know that also co-location (in time) with RIPE or TERENA meetings is considered for future events. Hope to see several of you in Milano on the 12th of January, during an entirely open meeting for European IRTs and interested guests. Best regards Don Stikvoort CERT-NL chairman CERT-NL is the IRT for SURFnet ( the .nl NREN ). CERT-NL is a member of FIRST and a customer of EuroCERT.
This is an open meeting organized by EuroCERT with the intention ^^^^ of gathering European Computer Incident Response Teams and other interested parties together. ... This year the meeting is aligned with FIRST sponsored Technical Colloquium and the meeting of the FIRST Steering Committees so it will be opportunity to meet some of well established FIRST members from teams worldwide.
Note: Unfortunately non-FIRST members are not permitted to participate in the Technical Colloquium
How comes? Are non-FIRST members considered technically incompetent? Is their input not considered worthwhile? Are non-FIRST members considered untrusted, and hence to be kept away from 'sensitive' information? Or is it because of the sponsoring, or to put it another way: money prevailing over valuable technical input from non-members? I wouldn't call that an "open" meeting...
Piet
-----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBNEOT7hhlzkA/+6mNAQHllwP6Aowqllyw4J0sxECY/6HqZ4tHIMsz0ZnI ROYk58fPbJ7jDme44LqfWxkZ3WlpxLcfeWh0cSUyAelhvgb8LkA/xP84qb+Rz/2V isLP8EcCo8hluV9UHKdqWuHlkmk/7EpZuR3eEB/tGUKKKpuk8i5VcD9dQwq7zAdp uQag6ncArvg= =SGK/ -----END PGP SIGNATURE-----