[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Strawman Charter d05

To: <ietf-trust-anchor@xxxxxxxx>
Subject: Strawman Charter d05
From: "Turner, Sean P." <turners@xxxxxxxx>
Date: Thu, 4 Oct 2007 11:55:05 -0400
List-archive: <http://www.vpnc.org/ietf-trust-anchor/mail-archive/>
List-id: <ietf-trust-anchor.vpnc.org>
List-unsubscribe: <mailto:ietf-trust-anchor-request@vpnc.org?body=unsubscribe>
Organization: IECA, Inc.
Sender: owner-ietf-trust-anchor@xxxxxxxxxxxxx
Thread-index: AcgGnu4C/0pXGTY8Qa2B6BT7MX/3IQ==


Strawman charter for trust anchor management (tam)

Version: 05, October 4th 2007

Chair(s) 

TBD

Security Area Director(s):

-  Tim Polk <tim.polk@xxxxxxxx>
-  Sam Hartman <hartmans-ietf@xxxxxxx>

Security Area Advisor:

TBD

Mailing Lists:

General Discussion: ietf-trust-anchor@xxxxxxxx
To Subscribe: http://www.vpnc.org/ietf-trust-anchor/
Archive: http://www.vpnc.org/ietf-trust-anchor/mail-archive/

Description of Working Group:

The need for a standard protocol for trust anchor management has been
recognized for some time.  Many groups within the IETF, including PKIX,
Kerberos, TLS and SIDR have a dependency on trust anchors, yet provide no
generic mechanism for the their management.

A trust anchor represents an authoritative entity represented via a public
key and associated data.  The public key is used to verify digital
signatures and the associated data is used to constrain the types of
information for which the trust anchor is authoritative.  Relying parties
use trust anchors to determine if digitally signed information objects are
valid by verifying digital signatures using the trust anchor's public key
and by enforcing the constraints expressed in the associated data.

Despite the wide-spread use of trust anchors, there is no standard means for
managing these security-critical data.  This Working Group will develop a
specification to fill this gap.

The initial problem statement for this work is to be based on:

- draft-wallace-ta-mgmt-problem-statement

The scope of the work is to include:

- Supporting systems the require a single trust anchor administrator and
systems that require multiple trust anchor administrators
- Supporting systems with limited or no user interface
- Supporting devices that may or may not be connected to the Internet at the
time of management (e.g., relying on physical delivery of trust anchor
management messages)

The following are out of scope of this work:

- Management of non-anchor signature validation objects such as intermediate
certificates in a validation path.
- Mandating whether the recipient of trust anchors from a trust anchor
manager will use those anchors.


The deliverables will be:

- An informational problem statement/requirements specification for a trust
anchor management protocol
- Standards track trust anchor management protocol specifications

Goals and Milestones:

+6 months                 WG last call on problem statement/requirements
+9 months                 Adoption of WG draft protocol spec.
+15 months                WG last call for protocol spec.

Prev by Date: Re: Strawman Charter d04
Next by Date: For your consideration: TAMP and CCC
Previous by thread: Strawman Charter d04
Next by thread: For your consideration: TAMP and CCC
Index(es):
- Date
- Thread