*HEPKI-TAG Conference Call* October 19, 2005

*HEPKI-TAG Conference Call* October 19, 2005

*Action Items*

(from previous calls)
[AI] Eric will try to recruit Mairead Martin for the PKI Early Adopters project. [AI] Eric will will look into the possibility of getting Apple to include USHER root certs.
[AI] All who can test the Eudora S/MIME plugin, or find others to do so, will contact Jim.
[AI] Jim will expand the signing-tools matrix with columns on APIs and scripting tools; multiple signatures (parallel vs. stacked); and whether or not the tool lets you add a trust anchor.
[AI] All who have time to investigate one or more of the signing tools at http://middleware.internet2.edu/hepki-tag/new/signing4.html will contact Jim.
[AI] Jim will continue looking at PKI Lite cert profiles for Rice's code-signing application.
[AI] Eric will call Mozilla's attention to the fact that they don't support the standards needed to recognize trust anchors on tokens, and nudge them to do something about it.
[AI] Eric will continue seeking feedback on his Top 10 lists, especially from HCISec.
[AI] Jim will get an OID for PKI Lite from MACE.
[AI] Mark will ask Jed Dobson for more information on OSG. [AI] David will look at some of the products listed at http://middleware.internet2.edu/hepki-tag/new/signing4.html
in the light of the list of questions there.
[AI] Neal will continue looking at OpenOffice, and Jim will look at eLock.
[AI] Jim will send the list more information on the Acrobat transcript-signing work at U. of Chicago.
[AI] Jim will draft a discussion of the pros and cons of hierarchical and flat campus PKIs for discussion on a future call.
[AI] All will send Jim further suggestions for TAG projects.
[AI] Jim will send mail to people who have expressed interest in various possible areas of work for TAG, and work toward finding a focus for the group.

*Attendees*

Jim Jokl (chair) - Virginia
Jeff Schiller - MIT
Bob Morgan - Washington
Nathan Faut - KPMG
Neal McBurnett - Internet2
Ben Chinowsky (scribe) - Internet2

*Discussion*

Jim gave a short USHER update. Dartmouth is ready to launch, and the group has reached agreement on what else still needs to be done before USHER goes on line; it looks likely that this will happen before the end of this semester.

The signing-tools matrix
(http://middleware.internet2.edu/hepki-tag/new/signing4.html) now includes a draft row for Acrobat. Neal noted that there is a new OpenOffice release candidate; also, the State of Massachusettes Executive Office is standardizing on the OpenDoc format as of 1/1/07. Jim noted that Acrobat has added Windows integration, allowing use of the Windows keystore; he described this as "really well set up". Acrobat also has a PKCS11 interface. Neal observed that there are probably more signatures done with OpenPGP than with most of the products currently listed in the matrix. The group considered adding some commercial OpenPGP products, but agreed that this is out of scope given the project's focus on supporting X.509 for USHER, HEBCA and the PKI Early Adopters program.