[AI] Peter and Michael: will talk with Steve Carmody about the status of messaging in Shib work.

[AI] Klaas: will modify the authenticated use case to align with Brendan's work.

[AI] Brendan: will write a cover page for the pseudonymous use case and incorporate Klaas' work. [AI] Michael: will arrange a discussion between Peter and Mitchell Baker of the Mozilla foundation.

I2IM Conference Call February 20, 2004

*Attendees* Michael Gettes, Duke
Brendan Bellina, Notre Dame
Klaas Wierenga, SURFnet
Ann West, Educause/Internet2
Peter St. Andre, Jabber Foundation
Neal McBurnett, Internet2
Jeanette Fielden, Internet2
Steve Olshansky, Internet2

*Discussion*
There is a Real Time Communications Summit scheduled for the Internet2 Spring Member Meeting. The intent is to foster communication between the various real time communication initiatives at Internet2. The I2IM, VidMid VC, VoIP, and Presence and Integrated Communications (PIC) working groups will all be involved. The Internet2 Commons may also be involved. The program committee for the summit is composed of the group chairs and they've been discussing agendas and speakers. If you have suggestions please let Steve know. When a preliminary agenda is available it will be forwarded to the list. The Spring Meeting is in Washington D.C. April 19th - 21st 2004. More information is available at: http://events.internet2.edu/2004/spring-mm/

XMPP update

The Jabber Foundation is working on an http binding and is also working with other organizations on initiatives for extensions.

XMPP vs. SIP/SIMPLE

SIP is a negotiation protocol. SIMPLE has built messaging stuff on top of SIP. XMPP is streaming based and being used for things such as white-boarding etc.

Peter has published an initial preliminary Internet2 draft defining more clearly how interoperability between SIMPLE and XMPP will happen. There are some addressing issues since XMPP addresses can be internationalized and SIP ones can't. Peter is looking at seamless gateways where it won't matter. There are already a number of open source gateways in existence.

Michael asked if messaging was incorporated into the Shib work? Peter understanding is that has. He had discussed grid use cases with Stephen Carmody and needs to follow up with him.

[AI] Peter and Michael will talk with Steve Carmody about the status of messaging in Shib work.

Use Cases Klaas will align his work with Brendan's use cases.

[AI] Klaas will modify the authenticated use case to align with Brendan's work.

Steve pointed out that when talking about privacy: it needs to be explicit that it's a function that can be switched on and off. Michael asked that the cover page describe the range of privacy possible, and the need for an infrastructure that includes messaging and supports that privacy range.

[AI] Brendan will write a cover page for the pseudonymous use case and incorporate Klaas' work.

Once the cover page and changes are done, Brendan's use cases will be circulated to the I2IM list and other groups, such as PIC, to facilitate discussions on what they're doing and to help move things forward. It can also be used to come up with the set of things that rest of the world is not taking into account.

Neal asked what IM clients are doing in terms of managing S/MIME certificates? Are people looking at ways to support a PGP like web of trust? Or in support of how social networks develop? Peter feels that a web of trust doesn't form via IM. You can do PGP via Jabber and you accept the key of people you already know. There are contact books, rosters, that form a web of communication but at this point it hasn't been pursued to turn those into a web of trust. Klaas indicated he would prefer an approach that built a web a trust of which IM was one component vs. a web of trust for IM.

Are there clients out there now that are doing S/MIME authentication?

Peter is not aware of anyone in the Jabber community that intends to implement S/MIME. The Jabber community has a marked preference for XML based implementations. There are security requirements including channel encryption, strong authentication via SASL, end-to-end encryption via S/MIME and CPIM. Neal asked if it was possible to be compliant with XMPP and not have support for S/MIME end-to-end? Peter indicated that it was not but that hasn't been a driving concern within the Jabber community to date.

Neal is trying to get security incorporated into the foundation of instant messaging. If it's done right a framework will help track who we're interacting with and will help solve and prevent other issues such as SPAM in IM. He's open to ideas of how to get people to get involved with solving security issues since currently it is not a high priority for most doing IM development.

Michael asked if it was possible to incorporate the security framework within Mozilla? Chandler is discussing how to use Mozilla and they are also interested in incorporating Jabber as the messaging protocol. Since the president of the Mozilla foundation is also involved in Chandler there may be a very productive alignment between the three.

[AI] Michael will arrange a discussion between Peter and Mitchell Baker of the Mozilla foundation.