diff --git a/docs/index.html b/docs/index.html index 9768085..808fbe9 100644 --- a/docs/index.html +++ b/docs/index.html @@ -555,11 +555,11 @@

Change Log

Nicholas Roy

-

Draft

Added information about PGP key usage

February 17, 2020

1.6

+

Nicholas Roy

@@ -646,10 +646,7 @@

Initial Contact/Notification an

Inquiries from any law enforcement agency regarding a security incident, including formal legal process such as subpoenas and warrants, must be directed to the General Counsel of Internet2.

-

IF YOU HAVE A PGP KEY You can use InCommon’s PGP public key to encrypt sensitive information you send to us via email. Information on this key is available at: https://incommon.org/incident-reponse/

-
-
-

IF YOU DO NOT HAVE A PGP KEY, DO NOT communicate any sensitive information via these channels. Internet2 staff will set up a secure communications channel with you, if need be, after your initial request is received

+

You can use InCommon’s PGP public key to encrypt sensitive information you send to us via email. Information on this key is available at: https://incommon.org/incident-reponse/. DO NOT send sensitive information in unecrypted email.

The CSIRT will accept, evaluate and reply (when necessary and deemed appropriate) to valid submissions as soon as possible, but in no event later than 24 hours after receipt of the notice.

@@ -1062,7 +1059,7 @@

Appendix B: Acknowledgements

diff --git a/main.adoc b/main.adoc index edc568f..2769cd0 100644 --- a/main.adoc +++ b/main.adoc @@ -90,9 +90,7 @@ Any party may make the CSIRT aware of a relevant security incident or disclosure *_Inquiries from any law enforcement agency regarding a security incident, including formal legal process such as subpoenas and warrants, must be directed to the General Counsel of Internet2._* -*IF YOU HAVE A PGP KEY* You can use InCommon's PGP public key to encrypt sensitive information you send to us via email. Information on this key is available at: https://incommon.org/incident-reponse/[https://incommon.org/incident-reponse/] - -*IF YOU DO NOT HAVE A PGP KEY, DO NOT* communicate any sensitive information via these channels. Internet2 staff will set up a secure communications channel with you, if need be, after your initial request is received +You can use InCommon's PGP public key to encrypt sensitive information you send to us via email. Information on this key is available at: https://incommon.org/incident-reponse/[https://incommon.org/incident-reponse/]. *DO NOT* send sensitive information in unecrypted email. The CSIRT will accept, evaluate and reply (when necessary and deemed appropriate) to valid submissions as soon as possible, but in no event later than 24 hours after receipt of the notice. diff --git a/pdf/inc-security-incident-handling-framework.pdf b/pdf/inc-security-incident-handling-framework.pdf index 6c457ad..99f071e 100644 Binary files a/pdf/inc-security-incident-handling-framework.pdf and b/pdf/inc-security-incident-handling-framework.pdf differ