PKI Labs Conference Call, June 22, 2004

*PKI Labs Conference Call*
June 22, 2004

*Attendees*

Neal McBurnett (convener) - Internet2

Mark Franklin - Dartmouth

Eric Norman - Wisconsin

Steve Carmody - Brown
Olga Kornievskaia - Michigan
Peter Honeyman - Michigan
Steve Olshansky - Internet2
Lisa Hogeboom - Internet2

Ben Chinowsky (scribe) - Internet2

*Discussion*

Eric reported that there appears to be a plan in the works to issue certs to all medical personnel; a pharmaceutical consortium called SAFE (http://www.safe-biopharma.org) is one of the likely issuers.

Mark outlined plans for the July 14-15 PKI Unlocked deployment summit at Dartmouth; see http://www.dartmouth.edu/~deploypki/summit04/. Mark also noted that he was at the Ed/Fed meeting last week, presenting on Dartmouth's plan to deploy large numbers of certs. [Proceedings for PKI Unlocked are now at http://www.dartmouth.edu/~deploypki/summit04/proceedings.html.]

Planning for the Fourth Annual PKI R&D Workshop is well underway; see http://middleware.internet2.edu/pki05/. The deadline for papers is much earlier than it has been in previous years.

Steve Carmody gave an overview of plans for the use of PKI in the LionShare P2P file-sharing project (http://lionshare.its.psu.edu). PKI will be used to
1) verify that an attribute assertion refers to a particular user; assertions include a public key in order to do this.
2) sign metadata when publishing material, e.g. so authorship can be verified.
LionShare's use of certs will take place behind the scenes; users won't even need to know that certs are being used. Carmody also noted that LionShare is "staying out of the DRM business" -- the LionShare system won't constrain what you can do once you've used it to access material. Instead LionShare will focus on making sure that you can only access that material by presenting a verifiable assertion that you possess the attributes required for access.

Mark noted that OSAF's Chandler personal information manager, like LionShare, explicitly does not require federating software such as Shibboleth. Following Mark's proposal (http://wiki.osafoundation.org/twiki/bin/view/Chandler/DartmouthPkiProposal), OSAF has decided to use PKI as its first and only P2P authentication mechanism. See http://wiki.osafoundation.org/twiki/bin/view/Journal/CsgNewSecurityProposalPresentation (scroll down to the Chandler Security heading).