Untitled Document

Technical Activities Group Meeting Minutes
HEPKI-TAG Conference Call

February 23, 2005
Attendees

* Jim Jokl (chair) - Virginia
* Renee Frost - Michigan/Internet2
* Nathan Faut - eValid8
* Steve Dorner - Qualcomm
* Mark Franklin - Dartmouth
* Eric Norman - Wisconsin
* Shelley Henderson - USC
* Nick Lewis - Internet2
* Ben Chinowsky (scribe) - Internet2

Discussion

Nathan noted that he's leaving eValid8 for KPMG, where he'll be doing security assessments. He's not sure he'll be able to make future conference calls.

Eudora principal developer Steve Dorner joined the call to discuss S/MIME plans. He noted that Eudora implemented PGP a few years ago, but this was dropped due to lack of interest; on the other hand, they are now finding broad interest in S/MIME. They are planning to first implement S/MIME via a plugin, then integrate S/MIME into Eudora proper. Steve stressed Qualcomm's strong interest in having TAG's help with testing.

Jim reviewed the final changes to the PKI Lite CP/CPS. [As of March 6, the production version is at http://middleware.internet2.edu/hepki-tag/#PKI_Lite.]
Shelley noted that TeraGrid has agreed to accept USC certs; other than TeraGrid requiring support for CRLs and CA hierarchies, the PKI-Lite standards were sufficient for this. Shelley also noted that Art Vandenberg is putting together a cookbook on running a CA, leveraging Steven Carmody's work on the PKI Lite Recipe.

Eric noted that Scott Fullerton is leaving Wisconsin -- a big loss for them -- so Eric's action item to ask Scott about working on internal CA audit requirements is moot. Shelley expressed interest in working on this. Eric noted that he's involved in an internal audit project at Wisconsin; there's not
much material here that's directly PKI-related, but there's lots of business-process and recordkeeping stuff that might be relevant.

Mark noted that Dartmouth and EDUCAUSE are cosponsoring a 1.5- or 2-day PKI deployment summit in Hanover, NH, in late July. This gathering will combine the meeting previously held in Snowmass with an event similar to PKI Unlocked (http://www.dartmouth.edu/~deploypki/summit04/), which took place at Dartmouth last year. Foci will include bridge CAs and the nuts and bolts of deploying PKI more generally; Dartmouth's recent deployment of "PKI authentication in an appliance" will also be discussed. [AI] All will send suggestions for presentations at the PKI deployment summit to Mark Franklin (Mark.J.Franklin@Dartmouth.EDU) and Steve Worona (sworona@educause.edu).
Action Items

[AI] All will send suggestions for presentations at the PKI deployment summit to Mark Franklin (Mark.J.Franklin@Dartmouth.EDU) and Steve Worona (sworona@educause.edu).
[AI] Jim will draft a discussion of the pros and cons of hierarchical and flat campus PKIs for discussion on the March 9 call.
[AI] Jeff will send Jim a Mutt column for the TAG S/MIME table.
[AI] All will send Jim further suggestions for TAG projects.
[AI] Jim will send mail to people who have expressed interest in various possible areas of work for TAG, and work toward finding a focus for the group.
[AI] Eric will look for pointers on getting Mozilla to recognize trust anchors on tokens.
[AI] Eric will review his Top 10 lists to see if they're ready to be added to the TAG web site.