Dear Contributor,

The RIPE NCC has proposed to execute a pilot project to provide Security Incident Response Coordination in Europe (SIRCE) starting in early 1997. In the past this has sometimes been called the Euro-CERT. We made this proposal assuming that there is a need for such a service among the European ISPs, i.e. the current customers of the RIPE NCC.

Now that the proposal has been published as document ripe-150, we ask you to examine it and to commit a financial contribution to the pilot in 1997.

The benefits for those contributing include:

- Preferred Service
  Non-paying customers will only receive service if there is no outstanding work for paying customers.

- Influence
  Paying customers will determine the general direction, the policies and the services of SIRCE.

- Credit
  The level of your contribution will be publicly acknowledged.

The minimum contribution is ECU 500 and there is no maximum. As explained in the proposal we are looking for an average contribution around ECU 1000. The contributions will be invoiced once the project has definitely started. If the project is oversubscribed the amounts invoiced will be reduced pro rata. Should there be insufficient commitments to fund the project, we will withdraw our proposal.

The deadline for contributions is November 27th 1996. Until then we will regularly publish the commitments already made.

Please use the form below to make commitments and pass this message on to those who might be interested to participate. Of course I will be happy to answer any questions you may have.

With thanks in advance for your support

Daniel Karrenberg

------

%START

%FORM [sirce9601]

I hereby commit to contribute the ECU amount indicated to the SIRCE pilot project as defined in ripe-150 and the documents it refers to. I confirm that I have authority to commit my organisation for this contribution. I expect to be invoiced for this contribution as soon as the project will have started.

Please put information between the brackets.

Please give your full name.

%NAME [ ]

Please give your position in the organisation.

%POS [ ]

Specify the registry ID of your organisation if it has one.

%REGID [ ]

If you have *not* specified a registry ID above, please give the full organisation name and billing address. We will contact you for more details if necessary.

%ORGNAME [ ]

%ADDRESS [ ]

Committed amount in ECU. Minimum is ECU 500. Excludes VAT where applicable.

%AMOUNT [ ]

Any billing reference that you may wish to be mentioned on the invoice.

%BILLREF [ ]

%END
Dear Mr. Karrenberg,

As a Coordinator of CERT NASK (an IRT established in NASK, Poland) I am very interested in the project to provide incident response coordination in Europe. However I have some comments to your "contribution scheme" as you have described in your proposition:
The benefits for those contributing include:
- Preferred Service Non-paying customers will only receive service if there is no outstanding work for paying customers.
- Influence Paying customers will determine the general direction, the policies and the services of SIRCE.
- Credit The level of your contribution will be publicly acknowledged.
As you know coordination of incident handling relies on strict cooperation among IRTs, ISPs, customer representatives and many others. Therefore you cannot ignore a request just because it is from a non-paying customer (assuming you have some "paid" requests to handle) because it can be dangerous to all constituency you serve. Hence I can imagine that paying customers have "full service" but those non-paying should receive some basic level of incident handling services. This is important at least from the statistical point of view (how many incidents, what kind of incidents etc.). Those who are paying should also be interested in handling of every incident by "European CERT" instead of handling of selected ones - because everybody is interconnected.

Best regards,
Krzysztof Silicki
CERT NASK

---------------------------------------------------------------------------
Krzysztof Silicki    e-mail: krzysiek@nask.pl    tel/fax +48 22 268000
Naukowa i Akademicka Siec Komputerowa w Polsce
Research and Academic Network in Poland
Bartycka 18, 00-716 Warsaw
personal PGP public key: ftp://pub/CERT_NASK/cert_pgp_keys/k_silicki.pgp
CERT NASK PGP public key: ftp://pub/CERT_NASK/cert_pgp_keys/CERT_NASK.pgp
---------------------------------------------------------------------------
Krzysztof,

thank you for your comments. I assure you that the service as we propose it will serve non-paying customers because we realise that this is beneficial to the community as a whole and especially the paying customers. We are quite aware of the points you make. For more details you may refer to ripe-150.

However, please consider the situation where all resources of SIRCE are engaged in coordinating incidents involving paying customers; there is no time left. Now if a non-paying customer asks for resources there are essentially two possibilities:

1) SIRCE serves the request by taking resources from other work, thereby reducing quality of service for paying customers. The effect will be potentially unhappy paying customers and a happy non-paying customer. The non-paying customer gets what they want and the paying customer gets less than that. The likely consequence is that the non-paying customer will not consider contributing to the cost of the service he receives and the paying customer may become unhappy enough to stop doing so. If this happens frequently enough the total amount of resources available will remain constant at best but may actually decrease. A negative feedback effect!

2) SIRCE does not serve the request until there are resources idle, and keeps resources allocated to incidents involving paying customers. As a result the paying customers are kept as happy as possible and the non-paying customer may consider to start contributing to the cost of the service he requests. If this happens frequently enough the resources available will increase. A positive feedback effect!

I can assure you that the RIPE NCC through the years has had ample experience with both policies and that the second one works much better. It just keeps everyone involved much happier. In the beginning we did indeed operate coordination services according to policy #1 for various reasons. We survived the negative feedback effect only because of the dedication of the NCC staff during those pioneering days. As far as the SIRCE service is concerned we believe that the Internet community is mature enough now to skip this phase.

Kind regards

Daniel
Krzysztof Silicki <krzysiek@nask.pl> writes:
...
As you know coordination of incident handling relies on strict cooperation among IRTs, ISPs, customer representatives and many others. Therefore you cannot ignore a request just because it is from a non-paying customer (assuming you have some "paid" requests to handle) because it can be dangerous to all constituency you serve. Hence I can imagine that paying customers have "full service" but those non-paying should receive some basic level of incident handling services. This is important at least from the statistical point of view (how many incidents, what kind of incidents etc.). Those who are paying should also be interested in handling of every incident by "European CERT" instead of handling of selected ones - because everybody is interconnected.
Best regards, Krzysztof Silicki CERT NASK