SUNET CERT RFC 2350 Profile

1. Document Information

This document complies with RFC 2350.

1.1. Date of Last Update

This is version 1.0 as of January 28, 2013.

1.2. Distribution List for Notifications

This profile is kept up-to-date in the location specified in section 1.3.
E-mail notification of updates are sent to SUNET CERT management and investigators.
Please send any questions about updates to the SUNET CERT team e-mail address:

1.3. Locations where this Document May Be Found

The current version of this profile is always available at här

2. Contact Information

1. Name of the Team

Full name: SUNET CERT Computer Emergency Response Team.
Short name: SUNET CERT

2.2. Addresses

2.2.1 Mail address

SUNET CERT c/o Uppsala universitet
Box 887
S-751 08 Uppsala

2.2.2 Visiting address

SUNET CERT, Uppsala universitet
Lägerhyddsvägen 2B

2.3. Time Zone

GMT+1 (GMT+2 in Summer Time)

2.4. Telephone Number

SUNET CERT regular telephone number: +46 18 471 7560
SUNET CERT emergency telephone number: +46 18 471 9390

2.5. Facsimile Number

SUNET CERT facsimile number: +46 18 471 7876

2.6. Other Telecommunication

Not applicable.

2.7. Electronic Mail Address

Please send incident reports that relate to SUNET, including copyright issues, spam and abuse to
Non-incident related mail should be addressed to

2.8. Public Keys and Encryption Information

Please encrypt any sensitive e-mail with the SUNET CERT PGP key with

PGP keyid 0xBDD2CD97 and
PGP fingerprint C0CA A448 5E8E 00F6 0B05 9559 6A6C 7AAC BDD2 CD97

and send it to
Please sign messages using a key that is verifiable using the public keyservers. Because all SUNET CERT investigators can read mail encrypted with the key, individuals can use it if they cannot find a key for a specific SUNET CERT team member.

2.9. Team Members

No public information is provided about SUNET CERT team members.

2.10. Other Information

Further information about the SUNET CERT can be found at
SUNET CERT is listed by the Trusted Introducer (TI) for CERTs in Europe and has been registred as "TI Accredidited CERT" since 14 May 2002; see for details. SUNET CERT is a member of Forum for Incident Response and Security Teams (FIRST); see for details.

2.11. Points of Customer Contact

The preferred method for contacting SUNET CERT is e-mail.

  • For general inquiries, please send e-mail to:
  • For abuse or security issues, please use
  • For network, server, or service issues, please use
  • In an emergency, contact SUNET CERT on +46 18 471 9360.

SUNET CERT's hours of operation are generally restricted to regular business hours, or 08:00 to 17:00 Monday to Friday except public holidays.

3. Charter

3.1. Mission Statement

The SUNET CERT mission is to coordinate and inform about IT-security related issues for all SUNET's customers.
It's also the mission for SUNET CERT to monitor that all organisations are acting in compliance with the SUNET IT-security policy.

3.2. Constituency

SUNET customers which connected with SUNET. The corresponding AS-numbers are:
AS1653 and sub-AS (2831-2835,2837-2846,5601,8748, 8973,9088,12381,12384,15980,16251)

3.3. Sponsoring Organisation / Affiliation

SUNET CERT operates with the authority delegated by SUNET.

3.4. Authority

SUNET CERT operates under the auspices of the SUNET members and the supervision of the SUNET management.
Should circumstances warrant it, the SUNET CERT will appeal to the SUNET NOC excert its authority.

4. Policies

4.1. Types of Incidents and Level of Support

All incidents are considered normal priority.

4.2. Co-operation, Interaction, and Disclosure of Information

All incoming information is handled confidentially by SUNET CERT and in accordance with Swedish Law.
When reporting an incident of sensitive nature, please state so explicitly by using an appropriate label in the Subject field (for example, SENSITIVE, EMERGENCY, etc.) and if possible, use encryption as well.
SUNET CERT supports the Information Sharing Traffic Light Protocol (ISTLP; see; information that arrives with the tags WHITE, GREEN, AMBER, or RED will be handled appropriately.

4.3. Communication and Authentication

See section 2.8; usage of PGP in all cases where sensitive information is involved is highly recommended.

5. Services

5.1. Incident Response (Triage, Coordination, and Resolution)

SUNET CERT can assist system administrators in handling the technical and organizational aspects of computer security incidents.

6. Incident Reporting Forms

Not available; please report using e-mail. When reporting an incident of sensitive nature use encrypted e-mail.

7. Disclaimers