Coordinating Attack Response at Internet Scale (CARIS) Workshop Report
RFC 8073
Document | Type |
RFC - Informational
(March 2017; No errata)
Was draft-iab-carisreport (iab)
|
|
---|---|---|---|
Authors | Kathleen Moriarty , Mat Ford | ||
Last updated | 2018-12-20 | ||
Replaces | draft-moriarty-carisreport | ||
Stream | IAB | ||
Formats | plain text html pdf htmlized bibtex | ||
Stream | IAB state | Published RFC | |
Consensus Boilerplate | Yes | ||
RFC Editor Note | (None) |
Internet Architecture Board (IAB) K. Moriarty Request for Comments: 8073 M. Ford Category: Informational March 2017 ISSN: 2070-1721 Coordinating Attack Response at Internet Scale (CARIS) Workshop Report Abstract This report documents the discussions and conclusions from the Coordinating Attack Response at Internet Scale (CARIS) workshop that took place in Berlin, Germany on 18 June 2015. The purpose of this workshop was to improve mutual awareness, understanding, and coordination among the diverse participating organizations and their representatives. Note that this document is a report on the proceedings of the workshop. The views and positions documented in this report are those of the workshop participants and do not necessarily reflect IAB views and positions. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Architecture Board (IAB) and represents information that the IAB has deemed valuable to provide for permanent record. It represents the consensus of the Internet Architecture Board (IAB). Documents approved for publication by the IAB are not a candidate for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc8073. Moriarty & Ford Informational [Page 1] RFC 8073 CARIS March 2017 Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Sessions and Panel Groups . . . . . . . . . . . . . . . . . . 4 2.1. Coordination between CSIRTs and Attack Response Mitigation Efforts . . . . . . . . . . . . . . . . . . . 5 2.2. Scaling Response to DDoS and Botnets Effectively and Safely . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.3. DNS and RIRs: Attack Response and Mitigation . . . . . . 9 2.4. Trust Privacy and Data Markings Panel . . . . . . . . . . 10 3. Workshop Themes . . . . . . . . . . . . . . . . . . . . . . . 11 4. Next Steps . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.1. RIR and DNS Provider Resources . . . . . . . . . . . . . 12 4.2. Education and Guidance . . . . . . . . . . . . . . . . . 12 4.3. Transport Options . . . . . . . . . . . . . . . . . . . . 12 4.4. Updated Template for Information Exchange Groups . . . . 13 5. Security Considerations . . . . . . . . . . . . . . . . . . . 13 6. Informative References . . . . . . . . . . . . . . . . . . . 13 Appendix A. Workshop Attendees . . . . . . . . . . . . . . . . . 15 IAB Members at the Time of Approval . . . . . . . . . . . . . . . 15 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 16 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 Moriarty & Ford Informational [Page 2] RFC 8073 CARIS March 2017 1. Introduction The Internet Architecture Board (IAB) holds occasional workshops designed to consider long-term issues and strategies for the Internet, and to suggest future directions for the Internet architecture. This long-term planning function of the IAB is complementary to the ongoing engineering efforts performed by working groups of the Internet Engineering Task Force (IETF), under the leadership of the Internet Engineering Steering Group (IESG) and area directorates. The Internet Architecture Board (IAB) and the Internet Society (ISOC) hosted a day-long Coordinating Attack Response at Internet Scale (CARIS) workshop on 18 June 2015 in coordination with the Forum for Incident Response and Security Teams (FIRST) Conference in Berlin. The workshop included members of the FIRST community, attack response working group representatives, network and security operators, Regional Internet Registry (RIR) representatives, researchers, vendors, and representatives from standardization communities. The key goals of the workshop were to improve mutual awareness, understanding, and coordination among the diverse participatingShow full document text