Draft Charter
Attached is a draft of the charter that was distributed prior to the
meeting. Primarily we need to discuss the scenarios
(enterprise/non-enterprise) and scoping (browsers/devices/etc).
spt
PS thanks for all the participation at the BOF!
Strawman charter for trust anchor management (tam) BoF
Version: 01, July 9th 2007
Chair(s)
TBD
Security Area Director(s):
- Tim Polk <tim.polk@xxxxxxxx>
- Sam Hartman <hartmans-ietf@xxxxxxx>
Security Area Advisor:
TBD
Mailing Lists:
General Discussion: ietf-trust-anchor@xxxxxxxx
To Subscribe: http://www.vpnc.org/ietf-trust-anchor/
Archive: http://www.vpnc.org/ietf-trust-anchor/mail-archive/
Description of Working Group:
The need for a standard protocol for trust anchor management has been
recognized for some time. Many groups within the IETF, including PKIX,
Kerberos, TLS and SIDR have a dependency on trust anchors, yet provide no
generic mechanism for their management.
A trust anchor is a public key and associated data used by a relying party to
begin the process of validating a signature on a signed object. Associated data
is used to define the scope of the use of the trust anchor for validating
signatures; for example, associated data might limit the types of identifiers
in certificates that a trust anchor is allowed to validate.
Despite the widespread use of trust anchors, there is no standard means for
managing these security-critical data. This Working Group will develop a
specification to fill this gap.
The initial problem statement for this work is to be based on:
- draft-wallace-ta-mgmt-problem-statement
The scope of the work is to include:
<<list to be developed in Chicago>>
- Supporting a single trust anchor administrator, such as in a typical
enterprise, who may be administering multiple trust anchors in her domain,
where those trust anchors can be either local or "foreign"
- Supporting multiple trust anchor administrators, such as is typical for home
users
- Supporting devices with limited or no user interface that may or may not have
connected to the Internet
The following are out of scope of this work:
<<list to be developed in Chicago>>
- TBD
The deliverables will be:
- An informational problem statement/requirements specification
for a trust anchor management protocol
- A standards track trust anchor management protocol
specification
Goals and Milestones:
+6 months WG last call on problem statement/requirements
+9 months Adoption of WG draft protocol spec.
+15 months WG last call for protocol spec.