*HEPKI-TAG Conference Call*
August 23, 2006
*Attendees*
Jim Jokl (chair) - Virginia
Eric Norman - Wisconsin
Jeff Schiller - MIT
Ron DiNapoli - Cornell
Nathan Faut - KPMG
David Wasley - independent
Steve Olshansky - Internet2
Neal McBurnett - Internet2
Ben Chinowsky (scribe) - Internet2
*Action Items*
(new)
[AI] Eric will draft a short paper outlining the issues around key escrow and alternatives to it.
[AI] Jim and Ben will draft an initial web page for the PKI Implementers Workshop.
(from previous calls)
[AI] Jim will review the action items and send Ben a list of changes and deletions.
[AI] Eric will experiment with delivery and trust of root and intermediate certs via the web in Mozilla-family browsers.
[AI] Scott will send out a pointer to the draft TAGPMA CA audit requirements.
[AI] Jim will incorporate Scott's digsig-tools information into the HEPKI-TAG web site.
[AI] All will ask their contacts what material their schools would find most useful in a PKI implementers workshop.
[AI] David will follow up on SAFE's open-source signing work.
[AI] All will send URLs for CA software (open-source or not) to TAG.
[AI] Eric will let TAG know when Ron DiNapoli's work on Aladdin eTokens on Macintosh is available for the group to look at.
[AI] All will look at http://www.gridpma.org for materials for the CA Audit project to point to or extract from.
[AI] Bob will send out pointers on UW's experience with the Federal Credential Assessment Framework (CAF).
[AI] All who can test the Eudora S/MIME plugin, or find others to do so, will contact Jim.
[AI] Jim will expand the signing-tools matrix with columns on APIs and scripting tools; multiple signatures (parallel vs. stacked); and whether or not the tool lets you add a trust anchor.
[AI] All who have time to investigate one or more of the signing tools at http://middleware.internet2.edu/hepki-tag/new/signing4.html will contact Jim.
[AI] Jim will continue looking at PKI Lite cert profiles for Rice's code-signing application.
[AI] Eric will continue seeking feedback on his Top 10 lists, especially from HCISec.
[AI] Jim will get an OID for PKI Lite from MACE.
[AI] Mark will ask Jed Dobson for more information on OSG.
[AI] David will look at some of the products listed at http://middleware.internet2.edu/hepki-tag/new/signing4.html in the light of the list of questions there.
[AI] Neal will continue looking at OpenOffice, and Jim will look at eLock.
[AI] Jim will send the list more information on the Acrobat transcript-signing work at U. of Chicago.
[AI] Jim will draft a discussion of the pros and cons of hierarchical and flat campus PKIs for discussion on a future call.
[AI] All will send Jim further suggestions for TAG projects.
[AI] Jim will send mail to people who have expressed interest in various possible areas of work for TAG, and work toward finding a focus for the group.
*Discussion*
Ron DiNapoli joined the call to get the group's input on how to do key escrow on his campus. Cornell has a policy requiring that keys for stored encrypted data be escrowed, but leaves it to the departments to decide how. Encryption has been little used so far, but that is starting to change.
Jeff Schiller suggested that the policy demanding escrow be changed to a more general policy saying that encrypted data must be recoverable, without requiring that escrow be the method used. In Jeff's view, a policy that says wherever there is encryption there must be escrow is just going to discourage people from using encryption. Eric observed that "key escrow" has become a loaded term, and suggested using the more neutral "key backup" instead. Eric also noted some additional issues with encrypted data on laptops that have come up at Wisconsin: do you have to notify people whose data has fallen into the wrong hands, even if it's encrypted? What about the possibility of sensitive data being left in a cache unencrypted?
Jeff had a similar approach to this set of issues: you could have a policy that forbids putting sensitive data on laptops, but such a policy would be unenforceable and likely to be ignored. MIT is planning to instead recommend whole-disk encryption products; these products will include key-recovery features, though using these features will not be required. [AI] Eric will draft a short paper outlining the issues around key escrow and alternatives to it.
Eric is looking for feedback on his "Nuts and Bolts of PKI Files" presentation (http://www.educause.edu/LibraryDetailPage/666?ID=PKI0505); please send comments to ejnorman AT doit.wisc DOT edu.
Jim has gotten good feedback on the idea of having a PKI Implementers Workshop around the December 4-7 Internet2 Member Meeting in Chicago. [AI] Jim and Ben will draft an initial web page for the PKI Implementers Workshop.