*HEPKI-TAG Conference Call* August 10, 2005
*Action Items*
(new)
[AI] All who have time to investigate one or more of the signing tools
at
http://middleware.internet2.edu/hepki-tag/new/signing.html will contact
Jim.
(from previous calls)
[AI] Jim will continue looking at PKI Lite cert profiles for Rice's
code-signing
application.
[AI] Eric will call Mozilla's attention to the fact that they don't
support the
standards needed to recognize trust anchors on tokens, and nudge them
to do
something about it.
[AI] Eric will continue seeking feedback on his Top 10 lists,
especially from
HCISec.
[AI] Jim will get an OID for PKI Lite from MACE.
[AI] Mark will ask Jed Dobson for more information on OSG.
[AI] David will look at some of the products listed at
http://middleware.internet2.edu/hepki-tag/new/signing.html
in the light of the list of questions there.
[AI] Neal will continue looking at OpenOffice, and Jim will look at
eLock.
[AI] Jim will send the list more information on the Acrobat
transcript-signing
work at U. of Chicago.
[AI] Jim will draft a discussion of the pros and cons of hierarchical
and flat
campus PKIs for discussion on a future call.
[AI] All will send Jim further suggestions for TAG projects.
[AI] Jim will send mail to people who have expressed interest in various
possible areas of work for TAG, and work toward finding a focus for the
group.
*Attendees*
Jim Jokl (chair) - Virginia
Eric Norman - Wisconsin
Bob Morgan - Washington
David Wasley - independent
Nick Lewis - Internet2
Ben Chinowsky (scribe) - Internet2
*Discussion*
Jim noted that the USHER PA is now meeting regularly, and asked the
group for
its thoughts on whether or not there should be constraints on USHER
schools
issuing authority certs. There was consensus that the guiding principle
should
be to avoid constraints that make PKI deployment harder, that a
prohibition on
issuing authority certs would not make PKI deployment harder, and that
common-sense restrictions in this area should be part of USHER policy.
Jim noted the continuing need for volunteers to evaluate signing tools;
see
http://middleware.internet2.edu/hepki-tag/new/signing.html. [AI] All
who have
time to investigate one or more of the signing tools at
http://middleware.internet2.edu/hepki-tag/new/signing.html will contact
Jim.
The group briefly reviewed the recent Dartmouth PKI Summit. David noted
that he
was impressed with the turnout, and that he's been following up on
discussions
at the meeting by working on a paper addressing some under-appreciated
issues
with policy mapping. Proceedings of the PKI Summit are at
http://www.educause.edu/Proceedings/6762.