RFC 2350 documentation
This document contains a description of CSIRT.ID according to RFC 2350. It provides basic information about the CSIRT.ID, the ways it can be contacted, describes its responsibilities and the services offered.
This is version 0.1 as of 01/06/2020. Indonesia date format is DD/MM/YYYY.
There is no distribution list for notifications as of 01/06/2020.
The current version of this document can always be found at:
CSIRT.ID – Cyber Security Independent Resilience Team of Indonesia.
Time reference host:
+62 21 7918 6199
+62 21 7918 6199
Instant Messaging, Voice and Video Conferencing uses Telegram ID @CSIRTID
CSIRT.ID uses this address team [at] csirt.id and signed with PGP key.
Encrypted communications should use this – and only this – operational key.
All PGP keys (including the keys of individual team members) can be found at:
Liaison is provided by the Department of Interagency Collaboration of CSIRT.ID.
A preferred method to contact CSIRT.ID is through e-mail. For incident reports and related issues, please directly use incident [at] csirt.id. This procedure will create a ticket number in our tracking system and will alert officer on duty.
For general inquiries please send e-mail to info [at] csirt.id
If it is not possible to use e-mail – or advisable due to security reasons, you can contact or reach us through fixed-line – telephone and facsimile at +62 21 7918 6199.
CSIRT.ID`s operation is generally restricted to regular business hours:
Note that: we will response ONLY DURING THESE HOURS.
We did not provide IVR (Interactive Voice Response) System and no recording for any communication by phone, and staffs are only available during office hours. So, please consider time differences between your area and ours, thus eliminating the possibility of a wasted call.
Otherwise, please use email and or our online incident reporting form (for members).
CSIRT.ID is a non-government initiative and independent cybersecurity incident response team association was formed by professionals, expert, and academia to assist communities and private sector in Indonesia to proactively contributing and strengthening national cybersecurity and resilience.
CSIRT.ID constituencies are:
For awareness purposes, pro-active educational material will be provided to the constituencies, and the general public as well.
CSIRT.ID founders: see 2.9 and former ID-SIRTII/CC members and staff.
CSIRT.ID co-founders are not mentioned directly due to some exceptions and restrictions reason. Including individual experts, academia, other Non-Government Agencies.
CSIRT.ID is not registered in any regional organization or initiatives membership yet, and no sponsors and affiliations available as at present time.
CSIRT.ID is an independent organization. Which means, it is fully funded by private donors and membership. We did not perform any kind of government function and services, particularly or in general.
Our accountability and responsibility are to the constituencies.
CSIRT.ID`s main purpose is to help coordination amongst local incident response initiatives to handle any kind of incidents at constituency level based on terms and conditions within NDA. This includes communication with counterparts and initiates collaboration as needed. In such, we only advise constituencies to take immediate action. WE DO NOT MITIGATE AND REMEDIATE directly since we do not have direct authority to its network and so on.
We did not have any authority over internet infrastructure yet.
CSIRT.ID is authorized to address any kind of cybersecurity incidents, which occur or threaten our constituency (see section 3.2 Constituency) and its cyber strategic interest, in which required cross-organizational coordination, especially amongst members at constituency level. We will impose any precaution action needed and committed to keeping our constituency informed to any potential vulnerability.
The level of support given by CSIRT.ID will vary depending on the type and severity of the incident or issues that occurred, type of constituent, size of user or community affected, and the availability of CSIRT.ID`s resources. Special attention will be given to an event that is directly affecting members and constituency's critical infrastructure.
Please note that NO DIRECT SUPPORT WILL BE GIVEN TO END USERS. They are expected to contact their local CSIRT or security team (if any), or system administrator, network administrator and department head for assistance.
CSIRT.ID cooperates with other organizations in the field of cybersecurity resilience and Internet infrastructure. Those engagements often require data or information exchange regarding incidents and issues. Nevertheless CSIRT.ID committed to protect the privacy of its constituency and therefore (under normal circumstances) only pass on limited and anonymized information to other parties, unless some contractual agreements apply, for example, Non-Disclosure Agreement (NDA).
We operate under restrictions imposed by applicable Indonesian law regarding information classifications and protection. This involves handling procedures of personal data as required by the Indonesian Data Protection law, but it is may be forced to disclose such information due to LEA investigation or by court`s order.
For usual communication, not containing sensitive information, CSIRT.ID will use conventional methods like unencrypted e-mail or facsimile.
For secure communication, PGP-Encrypted e-mail or telephone/fax will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing peers of trust (e.g. FIRST, APCERT, OIC-CERT, others recognized CERT/CSIRT teams) or by other methods like a callback, mail-back or even face-to-face meeting if necessary.
We response the incidents through (online) public reporting procedures, which are:
If possible, please make use of our Incident Reporting Form.
The current version is available from https://csirt.id/incidents/
While every precaution will be taken in the preparation of (those) information, alerts, and notifications, CSIRT.ID assumes will not take any responsibility for errors, omissions, or damages resulting from the use of the information contained within.
This information should be solely used only as mentioned.