[Bp_certs] About types of CERTs
Patrik Fältström
paf at frobbit.se
Thu Jul 31 05:12:12 EDT 2014
On 31 Jul 2014, at 11:01, Damir Rajnovic <gausix at gmail.com> wrote:
> On Thu, Jul 31, 2014 at 09:58:38AM +0200, Patrik Fältström wrote:
>> On 31 jul 2014, at 09:51, Andrew Cormack <Andrew.Cormack at ja.net> wrote:
>>
>>> The specific references are to European law, but I think the
>>> conclusion that "special" status can actually reduce the amount
>>> of information that others share with you, is general.
>>
>> Bingo!
>
> This is true but to an extent.
>
> Within a country the government can pass laws mandating that
> all teams within the country must share information with the
> national CERT. Teams from other countries may not contact
> the national CERT at all but teams within the country would not
> have a choice.
>
> What you two are saying is correct in principle and if we
> would look at the problem as a free market. People would
> always use teams that provide the most utility back. In
> practice things can be distorted and laws have a tendency
> of introducing all sorts of kinks and warps.
This is why I am saying "becoming a national CERT" might in some cases be a positive thing.
In Sweden for example, any data that is given to a public service is by default open, so any third party can request a copy of the communication that has taken place. This creates problems and issues in the mandatory (under the Telecommunications Directive in the EU) reporting that must take place if there is impact on the functioning of telecommunication services in Sweden. This has in turn required the government to issue special legislation that says that "this kind of communication" (sharing of potentially sensitive information) is not by default open, but default closed. I.e. TLP:red.
So, "national CERT" is one of many tools that might help, or might hurt.
"It all depends" on what you do, who you serve, and under what jurisdiction and such things.
It should not be a (or the) goal of the exercise to "create and run a cert".
Patrik