Subject Identification Method August, 2004 Tim Polk, NIST.


Status
- New draft -03 published just before the meeting

Detailed solution
- Subject contributes a password or random value in addition to SII
- RA contributes a second random number to prevent pre-calculation attack by client
- Hash calculation over two randoms and SII
- Server can confirm Subject-supplied SII given random values
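
A sketch of the hash construction this slide describes, added here as an illustration and not taken from the draft or the presentation. SHA-256, the length-prefixed field encoding, the `ssn-example` type label and the function names `protect_sii` / `confirm_sii` are assumptions of the example; the sample password and SII are constructed.

```python
import hashlib
import hmac
import secrets


def _field(data: bytes) -> bytes:
    # Length-prefix each input so field boundaries are unambiguous
    # (an assumption of this example; the slide gives no encoding).
    return len(data).to_bytes(4, "big") + data


def protect_sii(subject_value: bytes, ra_random: bytes,
                sii_type: str, sii: str) -> bytes:
    """Hash over the subject's value, the RA's random number and the SII."""
    h = hashlib.sha256()
    for part in (subject_value, ra_random, sii_type.encode(), sii.encode()):
        h.update(_field(part))
    return h.digest()


def confirm_sii(protected: bytes, subject_value: bytes, ra_random: bytes,
                sii_type: str, claimed_sii: str) -> bool:
    """Server side: recompute from the disclosed values, compare in constant time."""
    expected = protect_sii(subject_value, ra_random, sii_type, claimed_sii)
    return hmac.compare_digest(expected, protected)


def demo() -> dict:
    subject_value = b"constructed-subject-password"  # constructed sample
    sii_type, sii = "ssn-example", "000-00-0000"     # constructed sample
    ra_random = secrets.token_bytes(16)              # chosen by the RA, not the client
    protected = protect_sii(subject_value, ra_random, sii_type, sii)
    # A second enrolment gets a fresh RA random, so nothing the client
    # computed before seeing ra_random can be reused.
    other = protect_sii(subject_value, secrets.token_bytes(16), sii_type, sii)
    return {
        "match": confirm_sii(protected, subject_value, ra_random, sii_type, sii),
        "wrong_sii": confirm_sii(protected, subject_value, ra_random,
                                 sii_type, "000-00-0001"),
        "wrong_subject_value": confirm_sii(protected, b"guess", ra_random,
                                           sii_type, sii),
        "fresh_random_changes_value": other != protected,
    }


if __name__ == "__main__":
    print(demo())
```
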

Unresolved Comments
- Clarify Usage Scenarios
- Clarify/Enhance certificate request model to
  - Specify EPEPSI parameters and algorithms
  - Clarify when RA signs and when subject signs PKCS #10
  - Specify attribute to convey info in PKCS #10
- IANA registration of SII types?

Way Forward
- Authors need to work with reviewers to resolve open issues
  - Publish -04 draft by end of August
- WG Last Call on -04 draft in September