*PKI Labs Conference Call*
June 10, 2003

*Attendees*

Neal McBurnett (convener) - Internet2

Sean Smith - Dartmouth

Eric Norman - Wisconsin

Jeff Schiller - MIT
Krishna Sankar - Cisco
Carl Ellison - Intel
Renee Frost - Michigan/Internet2

Ben Chinowsky (scribe) - Internet2

*Discussion*

The minutes of the previous meeting were approved with one clarification.

[AI] Jeff will make the text of his testimony before the House Government Reform Committee available to the PKI Labs. Jeff came away from the hearing with the impression that P2P file sharing isn't likely to be a target of goverment regulation, but that restrictions on anything that can facilitate ID theft are likely -- for example, a clampdown on the use of SSNs for identification in the private sector. In the PKI sphere, such restrictions will have effects on how authentication is done. Jeff pointed to two aspects of ID theft that make it a likely target of government action: it's a drain on the economy, and becoming a victim of it is truly a miserable experience; Jeff described it as "the theft that keeps on stealing". Jeff sees the prospects for getting rid of ID theft as poor, and suggested instead focusing on reducing the misery it inflicts on its victims. One example of this approach is to have reasonable standards for resetting passwords -- if someone's in another country, you can't ask them to show up with a picture ID to reset their password. More generally, Jeff observed that "you can't push the level of authentication beyond what the public will tolerate." The victim of credit card fraud loses a maximum of $50, but with PKI there's the idea that if something is signed with your private key, you signed it, and you're fully responsible. Carl noted the similarly common and dangerous "if you know these things you must be me" approach to identity, called a pedigree check.

Jeff noted that the Secure BGP developers are interested in deploying PKI to stop spammers from making use of hijacked address space. Jeff is concerned that using a rigid X.509 hierarchy to do this would turn ARIN into a huge monopoly, and suggested that it would be better to have a ISPs issue certs for this purpose, as ISPs must compete for business. As a cautionary tale against the dangers of monopolistic rigidity, Jeff called the group's attention to a recent development in airline security: the name "David Nelson" has turned up on a list of suspected terrorists, so now anyone with that name can expect two or three hours of extra hassle at the airport. TSA apparently prefers not to use any further criteria for this extra scrutiny, on the theory that doing so would make it easier for the David Nelson they're after to slip through. TSA's rules make the extra scrutiny mandatory, even if the TSA staff at the airport know the David Nelson personally. Also, there is no way to appeal the decisions of low-level TSAers. For more on the David Nelson issue, Neal recommended this article: http://www.oregonlive.com/news/oregonian/margie_boule/index.ssf?/base/living/1051877124142830.xml.

The group returned to the issue of what hardware to use for the HE CA. Jeff reiterated his strong interest in using a Java iButton; the main issue here is finding a way to do exponentiation so as to effectively allow 2048-bit keys. To this end, [AI] Carl will look into the MP package that uses 1024-bit words. Jeff noted that with the iButton the key is generated off the device, then loaded into it; this is preferable to devices like the SafeKeyper that generate the key themselves and make it impossible to remove it. While it's true that the latter approach means that you don't have to trust the people who generate the key, it also means that you have to trust the manufacturer to not orphan the product. With the former approach, you do need to trust the key generators, but in Jeff's opinion this is a lesser problem. Finding a good mechanism for rolling over root keys remains the key task here.

There was a short discussion of the DNSSEC work that Sam Weiler presented at this year's PKI Research Workshop. [AI] Neal will put an in-depth discussion of DNSSEC issues on the agenda for a future call.

Ben is collecting feedback on the draft writeups of this year's PKI Research Workshop (PKI03). Neal noted that we have all the permissions we need to produce paper proceedings from PKI03, though still not for PKI02. [AI] Carl and Neal will assemble the final PKI03 materials. [AI] Carl will confirm Ravi Sandhu's offer to publish outstanding PKI03 papers in TISSEC, and send mail to the program committee listing the papers and asking which should be selected.

Neal noted that the NIST venue has again been reserved for next year's PKI Research Workshop; Peter Honeyman is in the process of recruiting program chairs. Krishna suggested that the format for PKI04 be more interactive, with shorter presentations, and the time thus freed up used for open discussion of hot topics solicited from the audience. Carl observed that sessions like these work best as "pure brainstorming", rather than (for instance) exercises in collective draft-writing. Krishna also suggested that there be more sessions on experiences with real-world deployments, both successful and unsuccessful. Eric suggested inviting more participants from the corporate sector, "in a way that they show up, but without product brochures;" Krishna suggested Amex and Visa in particular. All are encouraged to send Neal any further suggestions for PKI04.

Sean noted that he's updated the Dartmouth PKI Lab research page; see http://www.cs.dartmouth.edu/~pkilab/research/.

The next PKI Labs conference call will take place Tuesday, July 15, at 4:00 PM Eastern; this is 24 hours after the regularly-scheduled time.

*Action Items*

[AI] Jeff will make the text of his testimony before the House Government Reform Committee available to the PKI Labs.
[AI] Carl will look into the MP package that uses 1024-bit words.
[AI] Neal will put an in-depth discussion of DNSSEC issues on the agenda for a future call.
[AI] Carl and Neal will assemble the final PKI03 materials.
[AI] Carl will confirm Ravi Sandhu's offer to publish outstanding PKI03 papers in TISSEC, and send mail to the program committee listing the papers and asking which should be selected.