*PKI Labs Conference Call*
November 20, 2001
*Attendees*
Neal McBurnett (convener) - Internet2
Keith Hazelton - Wisconsin
Eric Norman - Wisconsin
Sean Smith - Dartmouth
Bob Brentrup - Dartmouth
Carl Ellison - Intel
Ken Klingenstein - Colorado/Internet2
Olga Kornievskaia - Michigan
Peter Honeyman - Michigan
Renee Frost - Michigan/Internet2
Ben Chinowsky (scribe) - Internet2
*Discussion*
The minutes of the previous meeting were approved without changes.
The group discussed using public-key cryptography for authorization. Eric noted that he has been thinking about whether it might be possible to reduce SPKI authorizations to public keys. In this "name-based access control" approach, named objects are associated with the public keys of individuals who are authorized to access those objects. Access requests are made by object name and answered by delivering the object encrypted with the associated public key, so that only someone who has the corresponding private key can decrypt it. [AI] Eric will write up his thoughts on name-based access control.
Carl described work Intel is doing with public-key-mediated authorization for uPnP. Carl observed that "college dorms have become a major sore point for uPnP." The idea behind uPnP is to make network administration trivial -- e.g., plug in a printer and your computer configures it for you. This works well except in a dormitory context: "5000 PCs discover they have a new printer and start sending test pages to it." With uPnP already fully designed, it was decided that access control needed to be added; Carl was tapped because of his SPKI work. He implemented an XML solution in which every device is identified by a public key. In order to avoid namespace collisions and having to use public keys as identifiers, users can assign names to their devices. For devices that contain ACLs, there's a protocol for taking ownership via a message encrypted with the device's public key; once you gain access, you can edit the ACL. Intel will demonstrate this work at next week's uPnP summit, and standards are in preparation.
Wisconsin is continuing with its medical-center S/MIME usability study; Eric noted that the use of human subjects means that the investigators have complex regulations to deal with, especially as the regulators are not familiar with this kind of study. It's becoming clear that interoperability is a ways off yet; Keith noted that it may be necessary to begin the S/MIME deployment by getting everyone to use the same client, then diversify from there. Keith observed that NMI is causing Internet2 and the Grid to look more closely at each other's work; he will be working on using certs with Grid software at Wisconsin. Keith pointed the group to http://www.globus.org/research/papers.html for more information; he also observed that the word "grid" is starting to appear in IBM and Sun materials, and shows signs of turning into "a rubber bag concept." [AI] Peter will send the list a URL for Olga's and Andy's report on using KX.509 for authorization for GARA, the Globus Architecture for Resource Allocation.
The Dartmouth group has also been working on S/MIME interoperability, as well as working with CREN on using certs for authentication to JSTOR and other web publishers. Sean noted that his students are at the peak of their busyness; reports from their work should be available next month. The group noted the contrast between the Feds' heavyweight approach to S/MIME, and Dartmouth's lightweight approach. Bob Brentrup noted that when a cert doesn't verify, most software doesn't give you much information on what's wrong; he has found an exception in E-Lock Assured Office. Sean's students are experimenting with this feature of Assured Office.
The group reviewed progress on action items:
[15-October-2001 - Carl will send the list a URL for an article from the
German press pointing out that current fears about steganography and
encrypted email are coming from the press, not the FBI.]
Done; see
http://www.heise.de/tp/english/inhalt/te/9751/1.html.
[10-September-2001 - Eric will a) investigate and document a problem that Ed
has encountered with using PKIUser objects to get certs from LDAP
directories (what the user sees in the retrieved cert is only a fingerprint,
not cert details), and b) send the list information on his experience with
cert retrieval using Internet Explorer.]
Still to do.
[10-September-2001 - Peter will send the list references to his work on
Kerberos/PKI integration.]
Still to do.
[10-September-2001 - Eric will work on making his demo cert-issuing site
more widely available.]
In process in HEPKI-TAG.
[13-August - Eric will put Carl in touch with someone he knows who's working
on an access control project for the Swedish Army.]
Done.
[13-August - Carl will send the list information on a new cert generator
project.]
Done. While unfortunately this general-purpose cert generator never got
finished, a specialized version of it has been included in the uPnP work
discussed above.
[13-August - Bob Moskowitz will forward the list email on PKI work at Fannie
Mae.]
Still to do.
[13-August - All will send Ken any information they have on organizations
that might be interested in participating in the PKI Research Conference.]
Done. [AI] All will a) disseminate the PKI Research Workshop CFP far and
wide, and b) personally contact people who are likely to be interested in
participating in the Workshop.
[4-June - Bob Moskowitz will send the list information on Federal work
related to attribute certs.]
Still to do.
Sean noted that the PKI Labs list had seen lots of discussion of the PKI Research Workshop CFP, reflecting different visions for the future of PKI, which in turn inform different ways of asking the central question: "Why hasn't PKI happened yet?" vs. "Why is public-key cryptography being used the way it is?" Eric noted that PKIX had also had a big discussion of these questions, and cited Bob Juenemann's comments as particularly worth reading; [AI] Eric will forward Bob Juenemann's comments on why PKI hasn't taken off yet. Eric pointed the group to a long article in The Atlantic magazine on the growing business of privacy: http://www.theatlantic.com/issues/2001/03/lester-p1.htm. Eric observed that "more and more it's looking like everyone should be able to make up names and issue their own certs for them", and Carl underscored the difference between PGP, which tries to use large numbers of volunteers to attach global names to public keys, and this new approach, which associates "my name for you with your key".
The next PKI Labs call will begin at 3pm EST (2000 UTC) on Tuesday, December 18.
*Action Items*
[AI] 20-November-2001 - Eric will write up his thoughts on name-based access
control.
[AI] 20-November-2001 - Peter will send the list a URL for Olga's and Andy's
report on using KX.509 for authorization for GARA, the Globus Architecture
for Resource Allocation.
[AI] 20-November-2001 - All will a) disseminate the PKI Research Workshop
CFP far and wide, and b) personally contact people who are likely to be
interested in participating in the Workshop.
[AI] 20-November-2001 - Eric will forward Bob Juenemann's comments on why
PKI hasn't taken off yet.
[AI] 10-September-2001 - Eric will a) investigate and document a problem
that Ed has encountered with using PKIUser objects to get certs from LDAP
directories (what the user sees in the retrieved cert is only a fingerprint,
not cert details), and b) send the list information on his experience with
cert retrieval using Internet Explorer.
[AI] 10-September-2001 - Peter will send the list references to his work on
Kerberos/PKI integration.
[AI] 13-August - Bob Moskowitz will forward the list email on PKI work at
Fannie Mae.
[AI] 4-June - Bob Moskowitz will send the list information on Federal work
related to attribute certs.