Proposal for discussing f2f meeting agenda

[Juan Carlos Cruellas <cruellas@ac.upc.es>]

Dear all,

Please find below a rough agenda proposal for the f2f meeting
that Nick and myself have sketched today.
We propose to quickly comment it during our conf call....
We have identified four main"headings" (identified by capital
letters) and certain issues below each "heading", identified by
numbers..

Regards

Juan Carlos.


=======================================

A) OUTSTANDING ISSUES (Day 1)

1. Clarification of what  will be included in the Core will and what
is defined by a profile.  

2. Signature and Time-stamp: relationship
It should be agreed whether which option we choose:
different protocols, or one protocol using "generalization" 
as suggested by Trevor.

3. Management of optionality and extensibility.
This issue is related with how the different options should
be managed by the protocol. 
IF tier approach is selected:
	1.Defining these tiers and 
	2. Identifying their specific features and components.
Although it could be selected another one...


4. Signature and verification practices  and policies.
A good number of issues have been identified as candidates
to be defined by "policy" or "practice" of the service. It would be 
worth to spend some time to try to clarify the issue.

 5. Requestor identity. This issue deserved
 lots of discussions trhough the list...We should discuss on:
 	.whether the different ways identified in the requirements doc. 
              cover the most  relevant possibilities.
  	.dealing with potential future different ways of providing it.
 	.dealing with authentication (see requirements doc)


6. CORE SIGNING RESPONSE BY THE SERVER.
So far, our requirements document identifies few requirements on 
this part of the protocol, and the ones identified seem quite obvious.
Taking this into account it does not seem one of the most dificult
parts of the work, although perhaps it can be influenced by the
work on the tiers in the request...


7. CORE VERIFICATION RESPONSE
Here we have  a number of points that have been commented so far.
I think that we could try to reach an agreement on whether which ones
should be covered by the "core" protocol and be specified in our
f2f meeting
	.Convenience and granularity of Individual reports.
	. Inclusion of cryptographic material used for verification (CRLS, OCSP, etc)
	. Inclusion of time-stamps on the former.
	. Inclusion of Time mark (should not a time-mark format be required?)

B) TABLE OF CONTENT FOR CORE DOCUMENT (DAY 2 am)

C) TOPICS TO BE ADDRESSED IN PROFILE (DAY 2 pm TO 3PM)

D) PLANS FOR PROGRESSING CORE