Internet2 PKI Labs Conference Call, August 13, 2001

*PKI Labs Conference Call*
August 13, 2001

*Attendees*

Neal McBurnett (convener)

Ed Feustel - Dartmouth
Bob Brentrup - Dartmouth
Sean Smith - Dartmouth

Eric Norman - Wisconsin
Keith Hazelton - Wisconsin
Ryan Muldoon - Wisconsin
Todd Tannenbaum - Wisconsin

Carl Ellison - Intel
Bill Weems - U. of Texas at Houston
Ken Klingenstein - Colorado/Internet2
Steve Bellovin - AT&T
Cliff Neuman - ISI
Bob Moskowitz - ICSA Labs/TruSecure
Renee Frost - Michigan/Internet2

Ben Chinowsky (scribe) - Internet2

*Discussion*

The call opened with miscellaneous items. A new and much easier to use CDSA package is now available at http://sourceforge.net/projects/cdsa/. There was a short discussion of Groove; Neal thinks that it needs to be much more open in order to be a serious contender, and there's also the once-you-get-in-you-can-do-anything problem. [AI] Eric will put Carl in touch with someone he knows who's working on an access control project for the Swedish Army. [AI] Carl will send the list information on a new cert generator project. Carl noted that his intern is supposed to be producing a cert generator also.

After approving the minutes, the group noted completion of two action items:

[16-July - Keith will bring in representatives from the PKI effort at the University of Texas for a Q&A session on a future call.]
Bill Weems has joined this call for this purpose.

[16-July - Eric will forward examples of directory schemas that have been successful or failed with S/MIME implementations' queries for PKCs, and will attempt to document these results in a tech report.]
Done.

There was a short discussion of how to handle action items; there was general agreement that the PKI Labs will follow the procedure agreed to on the June 18 MACE call, and maintain a running list of action items. There was some discussion of posting an action item list prominently on the PKI Labs site, separate from the minutes, but as no decision was reached, the cumulated AIs will be included in the minutes, for the time being at least.

Much of the call was devoted to discussion of the successful PKI deployment at the University of Texas Health Science Center at Houston (UTH). So far UTH has issued about 5,000 certs -- which they call Digital IDs -- on a campus with about 10,000 faculty, students and staff. The central lesson of this deployment is that if infrastructure and applications are in place and you start handing out certs, people will use them. Bill compared UTH's happy experience with "education by immersion" to the way email and the Web were taken up by their early users, and noted that users were finding Digital IDs easier to get used to than PGP. Bill repeatedly stressed the importance of providing useful applications: if you let people start using PKI to solve real problems, it does in fact solve real problems. He also stressed the importance of not underestimating the task of setting up the CA infrastructure; even though UT has a co-branding arrangement with VeriSign, and even though they're mostly a Netscape shop and didn't need to deal with Eudora plugins, this took some time. Bill summed up his introduction by saying "there's no way we'd go back, and we're trying to figure out how to move forward." Bill's slide set on the deployment, entitled "Why Users Like PKI & Directory Services", is at http://www.uth.tmc.edu/~wweems/aspen2001.ppt.

The group discussed two much-anticipated problems that UTH hasn't encountered much, at least not yet.
1) *User mismanagement of private keys.* Most private keys are stored in a password-protected "key container" on the user's computer. Regular use of the key has ensured that users forgetting their passwords has not been a common problem, and UTH's emphasis on the fact that the signatures produced by these keys are legally binding has successfully discouraged people from sharing their passwords. Although few problems have been encountered so far, Bill acknowledged that security is lax in many respects; there are lots of unprotected shared hard drives, and doing HIPAA with email is going to require "a huge change in the way people behave". USB dongles are being introduced.
2) *Information loss due to encryption.* This has been "a zero problem", not because any special precautions, such as doing more than one encryption with more than one key, are usually taken, but because people don't encrypt things unless they really need to -- for example, when sending passwords or accusations of sexual harassment. Dual keys have not been much of a focus; VeriSign is working with Schlumberger on this. All health-related units of UT want to have dual keys deployed within a year. UTH is currently looking into getting dual keys to work on their USB dongles.

Authorization at UTH is done via directory groups. If you're a regular member of the community, routine processes get you into the directory. If you're a guest, you need to be sponsored, and also show up with ID (exception: there's a notary process for remote guests) before access will be granted. Netids are used as unique identifiers in the directory (this is how the "John Smith problem" is addressed) but are not put in certs; email addresses are unique at any given time (though not over time, which may need to change soon), and are put in certs and mapped to netids. Departing users are removed from the system by taking them out of the directory, making cert revocation unnecessary. Bill noted that guest sponsors always put in a projected end date for guest status, and that guest status doesn't give you much more than an email address.

Ken observed that the less information is put in certs, the more important directory security becomes, and asked if people are aware of any work on management of directory access rights. [AI] Ed will send Ken information about ongoing work on LDAP access control. Ken asked if the group thought that policies would be applied to directories with the same rigor they're being applied to PKI; Carl expressed the opinion that they should be, but that whether or not they will be is still an open question.

Ken asked the group for thoughts on a PKIX proposal aired at IETF last week, to put JPEGs in certs as a binding mechanism. Bob Moskowitz noted that "Stefan got booed down on that one"; Carl, while noting that Intel has a related patent, expressed doubt that a picture would help much -- "what if I've never met the person?" Sean expressed concern that including a JPEG would make it possible to have many semantically equivalent but non-identical certs (bits in the picture could be changed without causing the picture to look noticeably different); this could lead to collisions in hash functions. There was no consensus on whether this is likely to prove to be a serious problem.

Ken noted that MACE is planning to meet with representatives of Microsoft in Seattle on September 11, the day before the start of the CSG meeting. [AI] Ed will send Ken a copy of the questions he sent Dartmouth's contact at Microsoft Research.

Thanks to support pledged by NIH and NIST, it looks like Internet2 will be able to support academics attending the PKI Research Conference; NIST has also agreed to publish conference proceedings. Ken asked the group to suggest other organizations that "still have interrealm hopes" and that might want to participate in the conference. Suggestions included the Grid, Visa's smartcards effort, Fannie Mae ([AI] Bob Moskowitz will forward Ken email on PKI work at Fannie Mae) and an agricultural economics government agency. [AI] All will send Ken any information they have on organizations that might be interested in participating in the PKI Research Conference. [AI] Ken will send the list information on the upcoming initial conference call of the PKI Research Conference program committee.

The next PKI Labs call will take place on Monday, September 10, at 2pm EDT.

*Action Items*

[AI] 13-August - Eric will put Carl in touch with someone he knows who's working on an access control project for the Swedish Army.
[AI] 13-August - Carl will send the list information on a new cert generator project.
[AI] 13-August - Ed will send Ken information about ongoing work on LDAP access control.
[AI] 13-August - Ed will send Ken a copy of the questions he sent Dartmouth's contact at Microsoft Research.
[AI] 13-August - Bob Moskowitz will forward Ken email on PKI work at Fannie Mae.
[AI] 13-August - All will send Ken any information they have on organizations that might be interested in participating in the PKI Research Conference.
[AI] 13-August - Ken will send the list information on the upcoming initial conference call of the PKI Research Conference program committee.
[AI] 16-July - As soon as he is able, Ken will issue a call for submissions for the February 20-21 PKI conference.
[AI] 4-June - Bob Moskowitz will send the list information on Federal work related to attribute certs.
[AI] 4-June - Ken will ask Rich Guida, Jeff Schiller, Stefan Brands, Peter Alterman, and Tim Polk to serve on the program committee.
[AI] 4-June - Keith will ask Larry Landweber to serve on the program committee.
[AI] 4-June - Ken will schedule a conference call with both confirmed and prospective program committee members.
[AI] 4-June - Keith will have the grad student maintaining the Wisconsin PKI Lab web site notify Dartmouth when the site is updated.
[AI] 4-June - Keith will organize a joint Shibboleth/PKI Labs conference call to talk about overlap and cooperation between the two projects.
[AI] 4-June - Carl will find out when the next version of CDSA is due to be released.
[AI] 4-June - Carl will try to track down the consultant who did the CDSA documentation.
[AI] 4-June - Steve will let the list know what he finds out about the default CRL-checking behavior of Internet Explorer.