Security Area Advisory Group 9 November 2006 Russ Housley Sam Hartman
Agenda ● WG Reports ● BOF Reports ● Invited Presentations – Embedding Security Knowledge in RFCs (Venkat Pothamsetty) – Real Attacks and Threat Models (Steve Bellovin) – How Not To Protect PC’s From Power Analysis (Russ Housley on behalf of Adi Shamir) ● Open Microphone
EMU (EAP Methods Update) ● Joe Salowey
MSEC (Multicast Security) ● Ran Canetti ● Lakshminath Dondeti
BTNS (Better-Than-Nothing Security) ● Love Hörnquist Åstrand ● Pekka Nikander
DKIM (Domain Keys Identified Mail) ● Stephen Farrell ● Barry Leiba
KRB-WG (Kerberos) ● Jeffrey Hutzelman
Kitten (GSS-API Next Generation) ● Jeffrey Altman
NEA ( Network Endpoint Assessment ) ● Steve Hanna ● Susan Thomson
HOKEY ( Handover Keying ) ● Charles Clancy ● Glen Zorn
SASL (Simple Authentication and Security Layer) ● Tom Yu ● Kurt Zeilenga
PKIX (Public-Key Infrastructure using X.509) ● Steve Kent ● Stefan Santesson
S/MIME (Secure MIME) ● Blake Ramsdell ● Sean Turner
ISMS (Integrated Security Model for SNMP) ● Juergen Schoenwaelder ● Juergen Quittek
LTANS (Long-Term Archive and Notary Services) ● Tobias Gondrom ● Carl Wallace
TLS (Transport Layer Security) ● Pasi Eronen ● Eric Rescorla
SPKM BOF (NFSv4 and Low Infrastructure Public Key Based GSS Security Mechanisms) ● Jeff Hutzelman
KeyProv (Provisioning of Symmetric Keys BOF) ● Phillip Hallam-Baker ● Susan Cannon
Invited Presentations ● Embedding Security Knowledge in RFCs – Venkat Pothamsetty ● Real Attacks and Threat Models – Steve Bellovin ● How Not To Protect PC’s From Power Analysis – Russ Housley on behalf of Adi Shamir
Open Microphone ● Concern? ● Issue? ● Plea for help? ● Soap box?