IGTF RAT

The International Grid Trust Federation (IGTF) Risk Assessment Team (RAT) is responsible for assessing risk and setting time and deadlines for response and action for concerns and vulnerabilities.

Email address: igtf-rat@eugridpma.org (administered by operations@eugridpma.org)

Members:

• APGridPMA: Yoshio Tanaka, Jinny Chien
• EUGridPMA: Jens Jensen, Willy Weisz (PGP, X.509), David Groep (PGP, X.509)
• TAGPMA: Jim Basney (PGP, X.509), Vinod Rebello, Jim Marsteller (PGP)

Note: This page is publicly accessible via http://tagpma.es.net/wiki/bin/view/IGTF-RAT. Use https://tagpma.es.net/wiki/bin/view/IGTF-RAT to edit.

News

• 02 Jan 2009: Impact of December 30th MD5 collision vulnerability on the IGTF
• 23 May 2008: Impact of the Debian OpenSSL vulnerablity on the IGTF

Work

• 20080813 - Test of communications channels with IGTF CA operators

Procedures

The IGTF RAT operates by consensus. To react quickly and effectively, the group must have the ability to quickly reach consensus. We take the Apache Voting Process as a guide. Specifically, consensus is reached if there are three positive votes and no negative votes. Any official action requires that we reach consensus in this manner.

The IGTF RAT contacts CA operators via the email address in the .info file of the IGTF distribution. IGTF members are expected to monitor this address. The RAT expects responses from IGTF members within one business day. The RAT conducts tests of the CA email addresses twice per year.

To contact all IGTF CA operators, take the latest IGTF distribution and run

grep -h "email =" *.info | cut -c 9- | sort -u | perl -n -e '{ chomp; print "$_, " }' | sed 's/, $//g'

to get a list of addresses. Note the use of BCC or subjects including "please reply" is discouraged because it causes messages to be bounced or marked as spam.

Response procedure proposed at the TAGPMA F2F meeting in La Plata, Argentina is shown at the right.

Contact Information

IGTF Information (info@gridpma.org)

IGTF General (igtf-general@gridpma.org)

• IGTF member discussions

APGridPMA Members (members@apgridpma.org)

• APGridPMA member discussions

EUGridPMA Announcements (announce@eugridpma.org)

• http://mailman.eugridpma.org/cgi-bin/listinfo/eugridpma-announce

EUGridPMA Concerns (concerns@eugridpma.org)

• public reporting address for concerns regarding the EUGridPMA
• forwarded to European RAT members

EUGridPMA Suspension Review Core Team (suspension-review@eugridpma.org)

• expert and policy core team to assess CA suspension before a plenary call (to set timelines therefor)
• members: Dave Kelsey, Ursula Epting, Jan Jona Javorcek, David Groep

EUGridPMA Operations (operations@eugridpma.org)

• DNS and email aliases, mailing list administration, web site repair
• members: Anders Waananen, David Groep

EUGridPMA General (dg-eur-ca@services.cnrs.fr)

• EUGridPMA member discussions

TAGPMA General (tagpma-general@tagpma.org)

• TAGPMA member discussions
• http://www.tagpma.org/mailing_lists/tagpma-general

TAGPMA Private (tagpma-private@psc.edu)

• For private discussions between select members of the TAGPMA organization. All communications should be considered private and not disclosed to outside parties. Example uses of this list include: Incident Response, sensitive CA status information, etc.
• https://lists.psc.edu/mailman/listinfo/tagpma-private

TAGPMA Concerns (concerns@tagpma.org)

• public reporting address for concerns regarding the TAGPMA
• RAT_Procedure.pdf: Initial RAT Response Procedure

to top