
1 Members Meeting December, 2000 Sydney

2 Sydney Meeting
• 73 Attendees
• Day 1 Plenary provided valuable input for the working groups
• 5 working groups progressed existing work items and introduced new work items
• First deliverables of both TWG and BWG received final review

3 Technical Working Group

4 Working Group Introduction Session
• Introductions
• Objectives and Ground Rules
• Project and White Paper Objectives
• Status at end of September Meeting

Participants     December     September
Vendor           13   45%     20   43%
ISV/Exploiter    12   41%     16   38%
Customer          4    9%     10   24%
Total            29           46

5 CMP Interoperability Project
• Robert Moskowitz
• Goals
  – Establish the baseline of mandatory CMP functions: Done!
  – Establish the optional, but important CMP functions: Done!
  – Expose any deficiencies or difficulties with the specification and provide needed feedback to the IETF on recommended changes to the specification: Progress!
  – Provide the foundation for future product testing so that customers will be able to buy PKI products with confidence: Light at the end of the tunnel!

6 What is CMP Interoperability
• Over 80 testing combinations
• Make as complex as you want
• Not all implementations need to be that complex
• ICSA coordinating
• 11 companies active
• 5 more “pending”

7 CMP Interoperability Status
• Over-the-Internet workshops are viable
• CMP Interop does not currently exist
  – All participants were using pre-production code
• Basic CMP Interop WAS achieved this year
  – EE to CA, not CA to CA
• Pending Work Items
  – CMP Transport polling, QC, application testing
• More participation needed
• Status report using matrix

8 CA-CA Interoperation
• Steve Lloyd
• Goal – Identify problem areas
• Sources – Government specifications
• Several options of CA-CA relationships have varying applicability
• Schedule – Final Draft 22 December 2000
• APEC meeting in March
• How to do profiling (Davis lead, 4 others)

9 Review of CA-CA Paper
• “Delegated Path discovery and verification” instead of “OCSP”
• Section 3 is not only a summary of initiatives, but also supplies many lessons learned
• Add section on WEMA challenge (Warwich, volunteer)
• Detailed reviews of section 2.8 and Recommendations

10 Comparison of Interdomain Interoperability Approaches
• Changes to table …
• Cross Cert on page 7 very general, but table only in more limited sense
• Need clearer handling of path length constraints and trust cascades (AN)
• Directory information sharing considerations
  – Information that is the same for all options should be in LDAP WP
  – Some path construction in Path Construction WP
  – Option-specific issues in this WP
• Some theoretical distinctions on options need to be addressed in the text. Leave the table as is (AN)

11 Table Continued
• Trust list versus manually installed roots
• Accreditation vs. Strict Hierarchy
• MZ has suggested categorization to make the table easier to understand (MZ)

12 CA-CA Paper Recommendations
• March meeting: APEC meeting 12-16 March 2000
• Consider removing #6 on demos
• #7 (profiles) needs more study: Lloyd, Zolotarev, Lampert, Davis, Nash
• #8 Privacy/Policy “in cooperation”
• #9 on path construction: clarify requirements on software
• Need recommendation on LDAP

13 Token Interoperability
• John Hughes (Andrew Nash Reporting)
• White Papers
  – Scope of White Paper: Token interoperability inhibits Environments; PKCS 11, 15 vs. IETF; Need a “Token Best Practices”
  – Chapters: Business Requirements, API’s, Token Formats, Mobile Users, Recommendations; Chapter owners
  – Slow progress, draft by March meeting

14 Token Interoperability (cont)
• PKCS Workshop
• PKCS #11 compliance test
• PSE Contents
  – Input from PKCS #15, sacred, cmp testing
• No real progress September to December
  – Planned work starting in January

15 UK Government Interoperability Trial
• Richard Lampert
• 15 participants (many more than expected)
• “Island department PKIs” with domain
• Common repository (X.500 from Novell)
• Number of vendors implies detailed planning
• Internet trial followed by face-to-face test
• Open day for Government Customers in April 2001
• Test report in April 2001

16 Interoperability White Paper Review
• Steve Lloyd and Lisa Pretty
• Concepts from Tim Polk presentation in March 2000
• Definition of terms for interoperability
• Final comments by Dec 11
• Board approval Dec 13
• Possible publication in “international magazine”

17 Application Certificate Use Project
• David Crowe
• Results Datasheets completed by testers
• Certificate library
  – Review process will be required
• Datasheets
  – Product Descriptions, functionality, configuration notes
• Test Scripts
  – SSL, S/MIME e-mail, Cert Path construction and validation

18 Application Cert Use Status
• Cert library Considerations
  – Unicert 12.7 cert
  – CRL Dist Points (by agreement)
  – Do need PKCS 12
  – Need CRLs that don’t expire and CRLs you would get from CDP
• Participation and lack of progress

19 Progress to date
• Very little testing since Montreal
• Some drafts prepared, but none reviewed
• Initial Certificates at library
• More resource on Library (Tony Rogers)
• Consider IPSec as another application
• An important project

20 Steve Orlowski
• Steve is from APEC eSecurity Task Group
• Certs under multiple jurisdictions
  – Singapore, Japan, Korea
  – Govt schemes Australia, USA
• Key is accreditation
• Criteria similar, but hard to line up
• APEC/EU common criteria
  – Certificate to support international trade
  – Fitness for purpose based

21 OCSP Testing Proposal
• Alistair Grant
• Based on questions from customers
• Testing Categories
  – ASN.1, CertID interpretation, sig conformance, extensions, return code, scenarios
• Test Groups
  – Responder/resp, client/resp, CA/resp
• Likely hot spots
  – Req sig, resp sig, IssuerKey Hash
• Next steps
  – Define set of tasks
  – Produce project plan/deliverables
• Points
  – 1
  – 2
  – German paper
• Rob Moskowitz or Carlin Kovey

22 Path Construction White Paper
• Mark Davis
• High interest in paper
• Theoretical issues under control
  – Graph theory algorithms
• Operational and implementation problems issue
  – Repository/schema problems
  – Resource problems
  – Deployment problems
  – More help from protocols and business process
• WP contribution is guidance on operational matters
• Do we have experience and resources

23 Community of Interest Discussion
• Stephen Wilson
• Policy OIDs of CAs and resolution of multiple CA
• Audit certificate carries OID
• Many topics to continue discussion on the list
• Stephen Wilson will circulate his paper

24 LDAP White Paper
• Dave Finkelstein (Andrew Nash Presenting)
• David writing straw man paper to get motion
• Draft circulated by end of December
• Patrick Fantou report on LDAP Survey
  – Reduce Circulate
  – Detail questions – too large to complete
  – Missing areas – application use, name mapping, how searches are done, path constructions
  – Coordinate with other surveys
  – Direction: survey, then WP, or survey and WP in parallel

25 Technical Interoperability
• Robert Moskowitz
• Issues on CAs, Lifecycle, repositories, Certificate validation
• Why have infrastructure, then how does it
• Bob will submit draft for consideration

26 Marketing/Education Working Group

27 Mission Statement
The Education Work Group’s mission is to create informational pieces that help promote the understanding and value of PKI from both a business and technical perspective.

28 PKI Tutorial and White Paper Companion
• 2 Separate presentations
  – Business target audience (PPT, PDF)
  – Technical target audience (PPT, PDF)

29 Rollout Timeline
• 3 Review target dates
  – Dec 22, 2000 submission to ED WG for final comments
  – Jan 15, 2001 submission to BWG and TSG for comments
  – Jan 31, 2001 submission to Board for approval
• Feb 14, 2001 final version posted to web site

30 New Project: Security in E-Business
• Business confidence is based on trust
• Business wants to move, or is already moving, more processes to the electronic world
• Same trust is required in the physical and electronic world
• PKI helps mitigate business risk in the electronic world

31 E-Business White Paper
• Security in E-Business White Paper
• Authors: Mike Jeffries, Dan Morrison, Bill Franklin
• 1st Draft for ED WG review: Dec 22, 2000

32 Policy & Privacy Working Group

33 Policy and Privacy Working Group Summary
• 11 participants over two days
• Reviewed Montreal meeting project proposals
• Reviewed submitted Work Items
• Moved one item to final draft, one item to final WG review
• Created mission statement, objectives, work plan approval process, future meeting schedule
• Had great commitment from the team

34 Policy and Privacy Working Group Summary
• Mission Statement:
  – “To provide information and guidance on the policy and privacy needs and issues related to the development, implementation, and usage of PKI.”

35 Policy and Privacy Working Group Summary
• Objectives:
  – Develop documents defining high-level environments, principles, policies, and practices which support government, business, and consumer use of PKI to perform electronic processes
  – Develop documents defining the implementation of privacy policies using PKI
  – Develop projects that promote understanding and provide guidance for the implementation of policies across jurisdictions using PKI

36 Policy and Privacy Working Group Summary
• Major Current Work Items
  – PKI Policy Principles: agreed to final draft; will send for BWG/TWG final review
  – PKI Policy Note: agreed to revised language; will include one additional business example; expect WG review within 2-3 weeks and final draft in January
  – E-Sign Analysis: established working committee to address re-write
• Other Work Items – future meetings-calls

37 Best Practices Working Group

38 Best Practices Summary
Wed December 6th:
• New Members (Japan & India)
• Definition
  – guideline based on material that is
  – pertinent
  – actionable
  – enforceable
  – auditable
• Need common glossary, maybe RFC2828

39 Best Practices Summary
• Actions/dates assigned for BP chapters:
  – Value proposition
  – Risk Management
  – Planning for successful PKI deployment
  – Key management
  – Audit - 3rd party attestation
  – Legal FAQ and pointers
  – Registration procedures
  – TimeStamping/proofing
  – Accreditation and independent validation
• Info to come from APac, NA, and EU

40 Best Practices Summary
• Best practices evolve with time (mechanism to keep current)
• Conclusion
  – Monthly conference calls are needed to progress this work
  – Chair will distribute draft Best Practices paper by 14 February 2001
• Thurs December 7th - n/a

41 Best Practices General Comments
• Need to avoid duplication of effort - WG Chairs need to communicate and WG members should have a synopsis of activities and boundaries of each group
• Board should be providing members with
  – schedule of PKIForum-level deliverables across all WGs
  – copy of PKIForum Business Plan that describes linkages between all working (and sub-working) groups

42 Applications Working Group

43 Applications Summary
• Revised Mission Statement
  – To provide a forum that encourages sharing business experience, and to produce deliverables that highlight the driving PKI applications within Financial Services, Healthcare, Government, and other influential vertical markets.
• Process reviewed with Board
• Healthcare Note – final-final comments to Ray by next week

44 Applications Summary
• Open solicitation for Project Leads
  – Financial Services Note and Government Note
• Open solicitation for contributors to case studies
• Timeline: submissions by mid-late January to leave enough review time before March meeting

45 Next Steps
• Complete evaluation forms!
• Don’t wait until next meeting to progress work items
• Keep PKI Forum objectives in mind and identify actions to advance
• Member surveys will be sent out through mailing list in early January
• Next Meeting March 13-15 in California
  – Bay area venue to be set and announced early January
  – Agenda to be published the end of January
• Website overhaul and improved information availability

