Re: [secdir] EU Cyber Security Strategy.

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 28 January 2013 21:02 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E68E21F8763 for <secdir@ietfa.amsl.com>; Mon, 28 Jan 2013 13:02:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S+V4-R7MP7Wi for <secdir@ietfa.amsl.com>; Mon, 28 Jan 2013 13:02:54 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id EDD6E21F86E4 for <secdir@ietf.org>; Mon, 28 Jan 2013 13:02:53 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id BE1A2BE62; Mon, 28 Jan 2013 21:02:29 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QmnXMtUb11Pb; Mon, 28 Jan 2013 21:02:27 +0000 (GMT)
Received: from [10.87.48.12] (unknown [86.44.73.174]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 496B1BE35; Mon, 28 Jan 2013 21:02:27 +0000 (GMT)
Message-ID: <5106E763.6020306@cs.tcd.ie>
Date: Mon, 28 Jan 2013 21:02:27 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2
MIME-Version: 1.0
To: Olaf Kolkman <olaf@NLnetLabs.nl>
References: <C9F001FD-1F18-4789-89E7-07A31BA9A922@NLnetLabs.nl>
In-Reply-To: <C9F001FD-1F18-4789-89E7-07A31BA9A922@NLnetLabs.nl>
X-Enigmail-Version: 1.5
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: IAB IAB <iab@iab.org>, Hannes Tschofenig <Hannes.Tschofenig@nsn.com>, secdir@ietf.org
Subject: Re: [secdir] EU Cyber Security Strategy.
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Jan 2013 21:02:55 -0000

Hi Olaf,

I think Hannes' answer was right, and there are more security
related BCPs (e.g. BCP107). Would it help to make a list or
can you just say there's a bunch of those and here're some
examples? If the former we can get you a longer list I guess;-)

And I've a question back to you: might it be useful to have
some kind of engagement between the IETF security area and
ENISA and would that be something to bring up in this context?

If a very light form of that was useful we'd be happy to
invite some ENISA person(s) to come to a secdir lunch or give
a talk at a saag session whenever. (Note: I don't mean from
some known IETFer who's done stuff with ENISA but rather
someone from ENISA who's not been to an IETF but might
usefully inhale our fumes;-)

S.

On 01/28/2013 12:42 PM, Olaf Kolkman wrote:
> 
> Folk,
> 
> This mail is FYI, it may be of business/personal interest to some of you.
> I have a specific question.
> 
> Context: MSP for ICT St.
> 
> You may or may not be aware that the EU has a Multi Stakeholder Platform for ICT 
> standardization. One of the stakeholders at the table is the IETF/IAB and your 
> truly is, with Hannes Tschofenig as backup, the representative for the IETF/IAB.
> 
> The platform is chartered to give the Commission advise on all matters standard 
> and to identify standards, developed by fora and consortia, that can be used in 
> public procurement (formally RFCs can not be reference in EU procurement: when 
> these folk talk about standards they think ISO, ITU, ETSI etc etc.)
> 
> 
> Specific: EU Cyber Sec Strat.
> 
> What is attached is part on the advise on all matters standard aspect. The 
> document gives a short executive level overview of what the EU intends with its 
> cyber security strategy. The document is FYI mainly.
> 
> However I have one particular bit of information that I need. See the section on 
> "Where do standards come in". I do not think there is any relevant IETF work in 
> this area (info exchange and such) and would like to get guidance if that is a 
> misunderstanding.
> 
> 
> The platform is having its 3rd meeting 7 Feb.
> 
> 
> 
> 
> 
> 
> *NLnet
> *Labs
> 	
> Olaf M. Kolkman
> 	
> 
> www.NLnetLabs.nl <http://www.NLnetLabs.nl>
> olaf@NLnetLabs.nl <mailto:olaf@NLnetLabs.nl>
> 	
> 
> Science Park 400, 1098 XH Amsterdam, The Netherlands
> 
> 
> 
> 
> 
> 
> _______________________________________________
> secdir mailing list
> secdir@ietf.org
> https://www.ietf.org/mailman/listinfo/secdir
> wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
>