Presentation is loading. Please wait.

Presentation is loading. Please wait.

KMIP v.Next PGP Support 1 Michael Allen Sr. Technical Director, Symantec.

Published byTabitha Chase Modified over 8 years ago

Similar presentations

Presentation on theme: "KMIP v.Next PGP Support 1 Michael Allen Sr. Technical Director, Symantec."— Presentation transcript:

1 KMIP v.Next PGP Support 1 Michael Allen Sr. Technical Director, Symantec

2 Agenda KMIP v.Next PGP Support 2 Trust Establishment 1 Current KMIP Situation 2 Proposed Enhancements 2

3 Trust Establishment - Email 3 KMIP v.Next PGP Support

4 Trust Establishment – External Directory 4 KMIP v.Next PGP Support

5 Where Are We Now 5 KMIP v.Next PGP Support

6 Note About Notation 6 KMIP v.Next PGP Support

7 How Do We Fit This Into That? 7 KMIP v.Next PGP Support

8 What’s Missing from KMIP? 8 2 Each PGP key have multiple user IDs (usually email addresses, can be images as well) Searches for other PGP keys usually use these user IDs KMIP has certificate identifier but doesn’t have the right bits in that attribute User IDs can be signed just as keys can be signed Multiple User IDs 1 A PGP key consists of a unifying key and multiple purpose-specific sub keys Keys are tied together via signatures between each other KMIP doesn’t have a link notion between sets of public / private key pairs Top Key / Sub Key Structures 3 Anyone’s PGP key can sign another key These signatures may play a role in arbitrary trust calculations Arbitrary Signature Sets 4 PGP-specific feature where the key ID of another PGP key rides along with one’s own PGP key Anything encrypted with one’s PGP key also gets encrypted to the ADK Searches for ADK occur via its key ID Additional Decryption Key KMIP v.Next PGP Support

9 PGP Certificate Type Re-Examined 9 KMIP v.Next PGP Support

10 Top Key and Sub Key Link Objects 10 KMIP v.Next PGP Support

11 Top Key and Sub Key Link Objects 11 KMIP v.Next PGP Support

12 New Link Types 12 KMIP v.Next PGP Support Table 9.1.3.2.20: Link Type Enumeration

13 New PGP Key ID Attribute 13 KMIP v.Next PGP Support Section 3.XX

14 New PGP User ID Attribute 14 KMIP v.Next PGP Support Section 3.XX

15 New PGP ADK Attribute 15 KMIP v.Next PGP Support Section 3.XX

16 New PGP Signature Attribute 16 KMIP v.Next PGP Support Section 3.XX

17 Thank you! 17 Michael Allen mike_allen@symantec.com 650-527-0716

Download ppt "KMIP v.Next PGP Support 1 Michael Allen Sr. Technical Director, Symantec."

Similar presentations

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Summer School Certificates Diego Romano & Gilda Team.

Summer School Certificates Diego Romano & Gilda Team.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.

Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an e-mail. How do we know who it’s from? E-Mail address Can be spoofed.

CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an . How do we know who it’s from? address Can be spoofed.
Lecture 12 e-mail Security. Summary  PEM  secure email  PGP  S/MIME.

Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.
S/MIME Email and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Public Key Infrastructure Ammar Hasayen 2013. ….

Public Key Infrastructure Ammar Hasayen ….
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.

Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Electronic Mail Security

Electronic Mail Security
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Secure e-mail r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Similar presentations

Ads by Google