HEPKI Technical Activities Group Meeting Minutes

April 6, 2005

Attendees

* Jim Jokl (chair) - Virginia
* Eric Norman - Wisconsin
* Mark Franklin - Dartmouth
* Bob Morgan - Washington
* Nick Lewis - Internet2
* Neal McBurnett - Internet2
* Ben Chinowsky (scribe) - Internet2

Discussion

Mark noted that the agenda for the PKI deployment summit is still open. Eric volunteered to give a low-level explanation of DER, PEM, and ASN.1; Neal suggested a low-level explanation of XML signatures. There was general agreement that sessions like these would be useful for troubleshooting.

Jim noted that the PKI Lite docs recommend against listing a policy OID, but asked if we should get one from MACE for those who want to use it anyway. The consensus was yes. [AI] Jim will send the PKI Lite docs to MACE for final review, and get an OID for PKI Lite from MACE.

The latest document-signing issues list is at http://middleware.internet2.edu/hepki-tag/new/signing.html. Jim suggested we may need to add items on interoperability. The group will continue looking at specific document-signing products as a means of refining the issues list; in particular, [AI] Neal will continue looking at OpenOffice, Jim will look at eLock, and Eric will look at WonderCrypt. [Scott Rea sent extensive comments on InfoMosaic to the list on April 7.] Neal asks that all take a look at the OpenOffice spec in his March 24 email. The spec is in SXW format; [AI] Neal will send the list a PDF of the OpenOffice spec.

Eric noted some pointers on the long-term signatures issue:
http://www.ietf.org/html.charters/ltans-charter.html
http://middleware.internet2.edu/pki04/proceedings/trusted_archiving.pdf
http://middleware.internet2.edu/pki04/proceedings/trusted_archiving-present.pdf

A group at Dartmouth has been working on a simple toolkit for digitally signing webforms, using a web browser as the client. This work is currently at the proof-of-concept stage. The Mozilla version can show the user exactly what they're signing; the Internet Explorer version simulates this using Visual Basic. Mark noted that "not holding what we're creating to a higher standard" than current business processes "has been a major theme for this effort."

Mark and Jim recently participated in an Open Science Grid (OSG) Policy Group conference call. [AI] Mark will ask Jed Dobson for more information on OSG.

Action Items

New

* [AI] Jim will send the PKI Lite docs to MACE for final review, and get an OID for PKI Lite from MACE.
* [AI] Neal will continue looking at OpenOffice, Jim will look at eLock, and Eric will look at WonderCrypt.
* [AI] Neal will send the list a PDF of the OpenOffice spec.
* [AI] Mark will ask Jed Dobson for more information on OSG.

From previous calls

* [AI] Jim will clarify items 4 and 9 in the list of questions about document-signing tools, and add items on date-stamping and OS crypto.
* [AI] David will look at some of the products listed at http://middleware.internet2.edu/hepki-tag/new/signing.html in the light of these questions.
* [AI] Jim will follow up on the Acrobat transcript-signing work at U. of Chicago.
* [AI] Shelley will ask her sysadmins list for information on applications using any of the tools on Jim's list.
* [AI] Jim will draft a discussion of the pros and cons of hierarchical and flat campus PKIs for discussion on a future call.
* [AI] All will send suggestions for presentations at the PKI deployment summit to Mark Franklin (Mark.J.Franklin@Dartmouth.EDU) and Steve Worona (sworona@educause.edu).
* [AI] Jeff will send Jim a Mutt column for the TAG S/MIME table.
* [AI] All will send Jim further suggestions for TAG projects.
* [AI] Jim will send mail to people who have expressed interest in various possible areas of work for TAG, and work toward finding a focus for the group.
* [AI] Eric will look for pointers on getting Mozilla to recognize trust anchors on tokens.
* [AI] Eric will review his Top 10 lists to see if they're ready to be added to the TAG web site.