Credential and Provisioning BOF (enroll)

Thursday, July 17 at 0900-1130
==============================

CHAIR: Jim Schaad

AGENDA:

- Intro and Agenda Bashing (5 min)
- Overview of Expected Scope (15 min)
- Charter Discussions (15 min)
- Model Presentations
  - Weak Authentication (10 min)
  - Shared Secret (10 min)
  - Introduction Model (10 min)
- Call for Participation (5 min)
- Open Discussion (30 min)

Description of Working Group:

There are many cases where a client needs to obtain credential
information from a service provider and provide some type of
information for validation of identities (client and/or service
provider). This working group will look at some of the cases dealing
with the use of cryptographic algorithms for providing this
information.

When doing enrollment of a client against a service provider, three
pieces of information need to be provided or created in order to
support authentication of the service consumer to the service provider
(and vice versa) and to allow for additional security services to be
provided for any information exchanged. These pieces of data are:

1. The "entity label" for the service consumer,
2. A piece of keying information to be used,
3. A set of permissions for operations for the service consumer.

Each of these data items could be created by either the client or
provider at any point during the enrollment process.

This group will create a model to be used in describing enrollment
procedures and create a document for a framework for how this is to be
done. The group will then produce three documents profiling the use of
the framework for the following cases:

1. A shared secret key
2. A bare asymmetric key
3. A bound asymmetric key (e.g. an X.509 certificate).

As part of the validation of the framework, the group will examine how
other real world enrollment procedures could be profiled. (An example
of this would be credit card usage.)

The Group currently has no drafts.

Goals and Milestones:

Sept 2003   First draft of model
Dec 2003    Last call on model document
Nov 2003    First draft of Framework document
April 2004  Last call on Framework document
March 2004  First draft of secret key profile
March 2004  First draft of bare asymmetric key profile
March 2004  First draft of bound asymmetric key profile
Aug 2004    Last call on secret key profile
Aug 2004    Last call on bare asymmetric key profile
Aug 2004    Last call on bound asymmetric key profile

Mailing Lists:

General Discussion: ietf-enroll@mit.edu
To Subscribe: send email to ietf-enroll-request@mit.edu
In Subject: subscribe