UU-CSIRT RFC 2350 Profile
1. Document Information
This document complies with RFC 2350.
1.1. Date of Last Update
This is version 1.0 as of August 12, 2015.
1.2. Distribution List for Notifications
This profile is kept up-to-date in the location specified in section 1.3.
E-mail notification of updates are sent to UU-CSIRT management and investigators.
Please send any questions about updates to the UU-CSIRT team e-mail address: firstname.lastname@example.org.
1.3. Locations where this Document May Be Found
The current version of this profile is available at https://mp.uu.se/web/info/stod/sakerhet/it-sakerhet/RFC2350
2. Contact Information
1. Name of the Team
Full name: Uppsala University Computer Security Incident Response Team.
Short name: UU-CSIRT
2.2.1 Mail address
Uppsala universitet CSIRT
S-751 05 Uppsala
2.2.2 Visiting address
Uppsala universitet CSIRT
Dag Hammarskjölds väg 7
2.3. Time Zone
GMT+1 (GMT+2 in Summer Time)
2.4. Telephone Number
UU-CSIRT regular telephone number: +46 18 471 7560
UU-CSIRT emergency telephone number: +46 18 471 2500
2.5. Facsimile Number
2.6. Other Telecommunication
2.7. Electronic Mail Address
Please send incident reports that relate to Uppsala University, including copyright issues, spam and abuse to email@example.com.
Non-incident related mail should be addressed to firstname.lastname@example.org.
2.8. Public Keys and Encryption Information
Please encrypt any sensitive e-mail with the UU-CSIRT PGP key with
PGP keyid 0x56D64E0C and
PGP fingerprint AAB0 C8FD 20A5 6323 5C7D FFAC 70DC 47BE 56D6 4E0C
and send it to email@example.com.
Please sign messages using a key that is verifiable using the public keyservers.
2.9. Team Members
No public information is provided about UU-CSIRT team members.
2.10. Other Information
Further information about the UU-CSIRT can be found at https://mp.uu.se/web/info/stod/sakerhet/it-sakerhet.
2.11. Points of Customer Contact
The preferred method for contacting UU-CSIRT is e-mail.
- For general inquiries, please send e-mail to: firstname.lastname@example.org
- For abuse or security issues, please use email@example.com
- For network, server, or service issues, please use firstname.lastname@example.org
- In an emergency, contact UU-CSIRT on +46 18 471 75 60
UU-CSIRT 's hours of operation are generally restricted to regular business hours, or 08:00 to 17:00 Monday to Friday except public holidays.
3.1. Mission Statement
The UU-CSIRT’s mission is to prevent, detect and resolve IT security incidents related to Uppsala University. For the world, UU-CSIRT is the Uppsala University interface with regards to IT security incidents response. All IT security incidents (including abuse) related to Uppsala University can be reported to UU-CSIRT.
Uppsala University with all its organizations, employees and networks.
3.3. Sponsoring Organisation / Affiliation
UU-CSIRT operates with the authority delegated by Uppsala University CSO.
UU-CSIRT operates under the supervision of the Uppsala University management. UU-CSIRT coordinates security incidents on behalf of Uppsala University. UU-CSIRT is expected to make operational recommendations or take operational actions in the course of its work in the interest of the IT Security at Uppsala University.
4.1. Types of Incidents and Level of Support
All incidents are considered normal priority.
4.2. Co-operation, Interaction, and Disclosure of Information
All incoming information is handled confidentially by UU-CSIRT and in accordance with Swedish Law.
When reporting an incident of sensitive nature, please state so explicitly by using an appropriate label in the Subject field (for example, SENSITIVE, EMERGENCY, etc.) and if possible, use encryption as well.
UU-CSIRT supports the Information Sharing Traffic Light Protocol (ISTLP; see https://www.trusted-introducer.org/ISTLPv11.pdf); information that arrives with the tags WHITE, GREEN, AMBER, or RED will be handled appropriately.
4.3. Communication and Authentication
See section 2.8; usage of PGP in all cases where sensitive information is involved is highly recommended.
5.1. Incident Response (Triage, Coordination, and Resolution)
UU-CSIRT can assist system administrators in handling the technical and organizational aspects of computer security incidents.
6. Incident Reporting Forms
Not available; please report using e-mail. When reporting an incident of sensitive nature use encrypted e-mail.