Generally the constituency is the University of Oslo and cooperating partners/groups, which is at least uio.no
The constituency includes, but is not necessarily restricted to the networks:
129.240.*.*(all addresses starting with 129.240)
All issues concerning uio.no security incidents concerns UiO CERT
Cooperating with UiO-CERT
Uninett is the ISP of the University of Oslo, they are responsible for AS224, and are in some circumstances responsible for the ip address range. UiO has been delegated authority over some ranges, and takes full responsibility concerning this range/group.
- The team discloses incident or vulnerability information on a need-to-know basis when this serves the purpose of incident management or vulnerability containment. Disclosure of information is decided on a case-by-case basis by the team lead, and in general the information will be anonymised.
- All team members have signed non-disclosure agreements and adhere to TLP (Traffic Light Protocol)
- All members can be trusted to keep sensitive data separate encrypted on secure locations, and to keep sensitive data out of the incident tracking system
- UiO-CERT will respond to any request from any person or group. Both external and local requests are normally channeled through the user's IT-organisation or nearest CERT-group.
- In legal matters the University of Oslo is independent and speaks on it own's behalf.
- UiO-CERT will often contact an organisation directly. If contact is to be made with a foreign government CERT, UiO-CERT will either go through NorCERT or at least include them as recipients.
- UiO-CERT will include Uninett CERT if the case can be of interest or to strenghten the relationship.