HEPKI-TAG Conference Cal

*HEPKI-TAG Conference Call*
May 17, 2006

*Action Items* (new)
[AI] Jim will incorporate the group's feedback into the next draft of ca-req.html.

(from previous calls)
[AI] All will ask their contacts what material their schools would find most useful in a PKI implementers workshop.
[AI] David will follow up on SAFE's open-source signing work. [AI] All will send URLs for CA software (open-source or not) to TAG.
[AI] Eric will let TAG know when Ron DiNapoli's work on Aladdin eTokens on Macintosh is available for the group to look at.
[AI] All will look at http://www.gridpma.org/ for materials for the CA Audit project to point to or extract from.
[AI] Bob will send out pointers on UW's experience with the Federal Credential Assessment Framework (CAF).
[AI] All who can test the Eudora S/MIME plugin, or find others to do so, will contact Jim.
[AI] Jim will expand the signing-tools matrix with columns on APIs and scripting tools; multiple signatures (parallel vs. stacked); and whether or not the tool lets you add a trust anchor.
[AI] All who have time to investigate one or more of the signing tools at http://middleware.internet2.edu/hepki-tag/new/signing4.html will contact Jim.
[AI] Jim will continue looking at PKI Lite cert profiles for Rice's code-signing application.
[AI] Eric will call Mozilla's attention to the fact that they don't support the standards needed to recognize trust anchors on tokens, and nudge them to do something about it.
[AI] Eric will continue seeking feedback on his Top 10 lists, especially from HCISec.
[AI] Jim will get an OID for PKI Lite from MACE.
[AI] Mark will ask Jed Dobson for more information on OSG.
[AI] David will look at some of the products listed at http://middleware.internet2.edu/hepki-tag/new/signing4.html in the light of the list of questions there.
[AI] Neal will continue looking at OpenOffice, and Jim will look at eLock.
[AI] Jim will send the list more information on the Acrobat transcript-signing work at U. of Chicago.
[AI] Jim will draft a discussion of the pros and cons of hierarchical and flat campus PKIs for discussion on a future call.
[AI] All will send Jim further suggestions for TAG projects.
[AI] Jim will send mail to people who have expressed interest in various possible areas of work for TAG, and work toward finding a focus for the group.

*Attendees*
Jim Jokl (chair) - Virginia
Neal McBurnett - Internet2
Nathan Faut - KPMG
Jeff Schiller - MIT
Eric Norman - Wisconsin
Scott Rea - Dartmouth
David Wasley - independent
Ben Chinowsky (scribe) - Internet2

*Discussion*
Jim pointed the group to the Grid PMA authentication profiles at http://www.tagpma.org/authn_profiles/ . All are encouraged to compare these with PKI-Lite for discussion on a future call.

Most of the call was spent reviewing the draft list of requirements for the packaged-CA project at http://middleware.internet2.edu/hepki-tag/new/ca-req.html. [AI] Jim will incorporate the group's feedback into the next draft of ca-req.html. Jim also called the group's attention to an earlier document that David put together: http://middleware.internet2.edu/hepki-tag/new/PackagingCA.doc .