Public Key Infrastructure Using X.509 (PKIX) Working Group November 10, 2003 1530-1730
PKIX WG (pkix-wg)
- Web page (charter, current documents): http://www.ietf.org/html.charters/pkix-charter.html
- Mailing List: ietf-pkix@imc.org
- To Subscribe: ietf-pkix-request@imc.org, In Body: subscribe
- Archive: http://www.imc.org/ietf-pkix
- Chairs
  - Stephen Kent kent@bbn.com
  - Tim Polk tim.polk@nist.gov
- Security Area Directors
  - Russ Housley housley@vigilsec.com
  - Steve Bellovin bellovin@acm.org

Document Status Review
- Agenda Bashing
- Document Status Review
  - Mature Documents
  - Ongoing work items
  - One (anticipated) new work item
- WG document presentations
  - SIM
  - LDAP specifications
  - Qualified Certificates
  - Certificate Path Building
  - OCSP
- Liaison
  - OASIS PKI Survey & Action Plan
  - NIST Protection Profiles

New RFCs
- RFC 3628, Policy Requirements for TSAs
- RFC 3647, CP/CPS Framework
  - obsoletes 2527

Documents out of WG, I
- Permanent Identifier
  - IESG comments will require a new draft
  - Looking for expert assistance to resolve non-PKIX issues (e.g., URNs)
- CMP, CRMF
  - Need to obtain input files so that IESG comments can be resolved
  - Need to recruit an editor

Documents out of WG, II
- Logotypes
  - 3 IESG comments, all addressed by new draft
  - Assuming IESG acceptance, ready for RFC #
- Forwarded to ADs
  - IP Addresses and AS Identifiers
  - Proxy Certificates

Almost there…
- SCVP
- Policies for Attribute Certificates
- QC
- ECC (NIST Curves)
- Path Building

SCVP
- In WG Last Call
  - New Draft submitted
  - Next draft will complete resolution of WG Last Call comments and will be forwarded to AD
- Timeline
  - One more draft in 2003
  - Forward to ADs by January 2004

Policies for Attribute Certificates
- In WG Last Call
- Technically sound and complete
- New draft forthcoming to resolve all comments
- Demand has not been demonstrated
- Options
  - Forward new draft for standards track
  - Forward new draft for informational track
  - Kill

QC
- New draft submitted
  - No technical issues remain
  - ASN.1 issues (’93 versus ’88 syntax)
- Timeline
  - WG Last Call after this meeting
  - Forward to ADs as standards track

ECC “NIST Curves”
- Technically complete
- Timeline
  - WG Last Call on current draft
  - Forward to ADs as standards track submission (in line with 3279) by January 2004

Path Building
- New draft submitted
  - Clarified document goals and scope
  - Comments on list
- Proposed Timeline
  - One more draft in 2003 to address comments
  - 1 week WG Last Call for new draft
  - Forward to ADs January 2004

Ongoing Work Items
- Subject Identification Method
- PK Algs
- LDAP specifications
- Progression of 3279/3280
- OCSPv2 extensions

Subject Identification Method
- New draft posted
- Clarified difference between PI and SIM
- Established Security Requirements
- Technical issues remain
- Aggressive schedule
  - New draft beginning Dec 2003
  - WG Last Call by February 2003

PK Algs
- Added a new lead editor
- Excluded RSA KEM from scope
- Projected Timeline
  - New draft (-01) before Seoul
  - WG Last Call on new draft
  - RFC by following meeting
  - New RSA KEM draft submission TBD

LDAP Specifications
- All specifications are technically mature
  - Editor anticipates one or at most two drafts required to address all comments
- Timeline
  - New drafts in January 2004
  - WG Last Call by Seoul

Progression of 3279/3280
- New lead editor has been identified
- Document revisions waiting on completion of interoperability testing
  - Path validation tests are being performed by several vendors
  - When results are available, testing will be complete
- Question for ADs: is the interoperability test report required to name participants?

Progression of 3279/3280, continued
- Timeline
  - Submit first 3280bis draft late January 2003
  - Complete Interoperability Report Feb. 2003
  - Submit second 3280bis draft March 2003
  - Last Call March 2003
  - Forward to ADs April 2003
- Can be accelerated if we don’t name names!

New Work
- Name Comparison Specification
  - Editors recruited
  - To proceed in parallel with 3280 progression
- Timeline
  - First draft by Seoul?
  - Completion by Fall 2004 meeting