Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technical Working Group June 2001 Andrew Nash Steve Lloyd.

Published byOlivia Strickland Modified over 8 years ago

Similar presentations

Presentation on theme: "Technical Working Group June 2001 Andrew Nash Steve Lloyd."— Presentation transcript:

1 Technical Working Group June 2001 Andrew Nash Steve Lloyd

2 Agenda Agenda praise (in lieu of bashing) –a TWG tradition (praise that is …) Introductions –Name, Company, Vendor/Exploiter/Customer Objectives and Ground Rules Project and White Paper Objectives Status at end of March Meeting

3 TWG Agenda for Wednesday 6/20 Thursday 6/21 Path Construction CESG Status (UK Govt Interop Trial) LDAP white paper Application certificate usage Token Interoperability CMP Interoperability TTT Bridge CA OCSP PKI Challenge AKID/SKID Interop Guide Wireless certificates Future Work

4 Introductions Andrew Nash –RSA Security –PKI Vender Steve Lloyd –Entrust –PKI Vendor Your turn –Name, Company, Vendor/Exploiter/Customer

5 Objectives and Ground Rules “… to accelerate the adoption and use of Public-Key Infrastructure (PKI) and PKI- based products and services.” –Leverage the expertise of Members –Projects lead by PKI Forum members –Results clearly PKI Forum effort –Maximum Involvement of all parties –Leverage existing standards, efforts, skills and organizations

6 … and other things Mailing list signup and use Project Plans and Status Business WG organization –Marketing/Education –Policy & Privacy –Best Practices –Applications/Vert. Markets

7 Major Project Work Methodology Description of task White papers/educational material/test cases Interoperability workshops Internal documentation of results/lessons learned/recommendations External documentation Focus on making it work!

8 External Project Report Objectives Written materials reporting results –White papers –Matrices –Presentations Interim results remain private to PKIF Consensus on timing and nature of results –Positive results desired –Describe PKI successes, not disadvantage products that don’t work during testing

9 White Paper Objectives Address topics that will advance PKI interoperability What does PKIF have to add –LDAP –Path Construction –NOT remote path validation! May be related to specific Major Projects Editor responsible to drive Review/approval on list to assure agreement

10 Status from San Jose - March 2001 Meeting minutes are required We meet this requirement with “real time” PPT notes If time permits, quick review before Joint Session Input Solicited ParticipantsMarch San Jose December Sydney September Montreal Vendor1435%1345%2043% ISV/Exploiter1948%1241%1638% Customer**717%49%1024% 402946 ** Customers include consultants

11 TWG Progress In Progress: 4 Major Interoperability Projects 5 White Papers (more in the pipe) 3 PKI Notes Complete: 1 Major Interoperability Project 1 White Paper

12 Path Construction Stephen Farrell/Steve Lloyd White paper –Explain functionality and identify recommendations Assumptions –Assume complex certificate paths Hierarchical/Distributed/Bridge CA/Combination trust models –Concentrate on LDAP/X.509/HTTP access methods CA-CA Interoperability paper relies on this paper to address “path bounding” Plan –1 st draft due June 2001 –Final submission Sept 2001

13 Application Certificate Usage David Crowe Deliverables –Data sheets describing pair wise vendor results Product descr, interoperable functionality, config notes Entrust/Xcert, RSA Security/Xcert, SECUDE/Xcert –Certificate library – librarian: Tony Rogers Parallel activities with the CESG and EEMA Issues: –IPSec certificate usage is open –More results required for successful completion Future –Direct testing between companies proposed – some results already exist with companies like Microsoft –Forum assumes a brokerage role (incl coordination of announcements)

14 Certificate Library Tony Rogers Initial certificates provided by Computer Associates PKI Forum web site –FTP down load certificates, descriptions possibly associated private keys LDAP server to be established as a certificate source Certificate samples requested from members now –CA, SSL server, SSL client, e-mail Optional CRL Optional known bad certificate examples

15 CA-CA Interoperability Steve Lloyd Address technical aspects of CA-CA interoperability –emphasis on “inter-domain interoperability” Discussion paper delivered –project did not include interoperability demonstrations Recommended that non-technical issues (business relationships/legal) be addressed by the Policy & Privacy subgroup One activity among others –this activity was purposely focused on inter-domain interoperability issues

16 CMP Interoperability Bob Moskowitz No group testing in last quarter (some point-to-point) Support DSA and RSA Supported direct TCP Press announcement – Feb ’01 Further testing on additional protocol features

17 LDAP David Finkelstein Limited progress to date Initial draft has limited distribution Focused effort avail from this point forward Outline –Schema requirements –Creation, modification search requirements –Access control requirements CA vendor use of LDAP imposes unique implications

18 OCSP Alistair Grant Goal: –Promote interoperability between implementations of OCSP (RFC 2560) Project proposal – Dec 2000 Agreed project plan – Feb 2001 Public OCSP responder established – March 2001 BOF planned for Thursday afternoon Testing planned for April/May

19 Other Discussions XML Key Mgmt System (XKMS) Warwick Ford –Microsoft, VeriSign, webMethods and others –Application enabled to use 2G PKI services –Simplify the application interface –Hides complexity of PKI structure such as trust models

20 Other Discussion CESG Interoperability Richard Lampard –Heterogeneous CA hierarchy –Interop trial to resolve issues Large set of standards Work with large set of vendors Understand state of industry and technology –Application interop included S/Mime interop –15 vendors –Bake-off 12-16 Feb ’01 –Report will distribute test results

21 www.PKIForum.org

Download ppt "Technical Working Group June 2001 Andrew Nash Steve Lloyd."

Similar presentations

NIH-EDUCAUSE PKI Interoperability Project Electronic Grant Application With Multiple Digital Signatures Peter Alterman, Ph.D. Director of Operations Office.

NIH-EDUCAUSE PKI Interoperability Project Electronic Grant Application With Multiple Digital Signatures Peter Alterman, Ph.D. Director of Operations Office.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
PKI -An Industry Perspective Lisa Pretty Executive Director.

PKI -An Industry Perspective Lisa Pretty Executive Director.
PKI Forum Application Cert Interop Project David Crowe

PKI Forum Application Cert Interop Project David Crowe
PKIF TWG Report 29 June 2000 Mark Davis Andrew Nash et al.

PKIF TWG Report 29 June 2000 Mark Davis Andrew Nash et al.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
EEMA’s pki Challenge Paul Green – VeriSign and pkiC testing participant.

EEMA’s pki Challenge Paul Green – VeriSign and pkiC testing participant.
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.

Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
13 Sept 00 Token Interoperability and Portability Project status report John Hughes Montreal - 14 September 00.

13 Sept 00 Token Interoperability and Portability Project status report John Hughes Montreal - 14 September 00.
Obstacles to PKI Deployment and Usage - Survey Results and Draft Action Plan Steve Hanna, Co-chair, OASIS PKI TC.

Obstacles to PKI Deployment and Usage - Survey Results and Draft Action Plan Steve Hanna, Co-chair, OASIS PKI TC.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Understanding Active Directory

Understanding Active Directory
1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.

1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.
VDA Security Services Freeware Libraries Update IETF S/MIME WG 29 March 2000 John Pawling J.G. Van Dyke & Associates (VDA), Inc;

VDA Security Services Freeware Libraries Update IETF S/MIME WG 29 March 2000 John Pawling J.G. Van Dyke & Associates (VDA), Inc;
Exchange Network Node Help Desk NOLA Conference Feb 9-10, 2004.

Exchange Network Node Help Desk NOLA Conference Feb 9-10, 2004.
1 PKI Update September 2002 CSG Meeting Jim Jokl

1 PKI Update September 2002 CSG Meeting Jim Jokl
1 MBA PROJECT 2013-2014 Nasir Afghan/Asad Ilyas. 2 Objective To enable MBA students to execute a client focused challenging assignment and to enhance.

1 MBA PROJECT Nasir Afghan/Asad Ilyas. 2 Objective To enable MBA students to execute a client focused challenging assignment and to enhance.
Best Practices Working Group June 19-21, 2001 Munich, Germany.

Best Practices Working Group June 19-21, 2001 Munich, Germany.
Active Directory ® Certificate Services Infrastructure Planning and Design Published: June 2010 Updated: November 2011.

Active Directory ® Certificate Services Infrastructure Planning and Design Published: June 2010 Updated: November 2011.
SNIA/SSIF KMIP Interoperability Proposal. What is the proposal? Host a KMIP interoperability program which includes: – Publishing a set of interoperability.

SNIA/SSIF KMIP Interoperability Proposal. What is the proposal? Host a KMIP interoperability program which includes: – Publishing a set of interoperability.

Similar presentations

Ads by Google