Subject: Minutes for January 12th Trust Elevation Meeting


Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee

12 January, 2012

 

1. Call to Order and Welcome.

 

2. Roll Call

Attending (please notify me if you attended the meeting but are not on the list below)

Abbie Barbir, Bank of America  - y

Anil Saldhana, Red Hat 

Brendan Peter, CA Technologies  -y

Carl Mattocks, BofA

Cathy Tilton, Daon

Charline Duccans, DHS

Duane DeCouteau

Colin Wallis, New Zealand Government  - y

Dale Rickards, Verizon Business - y  

David Brossard, Axiomatics

Dazza Greenwood 

Debbie Bucci, NIH 

Deborah Steckroth, RouteOne LLC

Detlef Huehnlein, Federal Office for Information

Don Thibeau, Open Identity Exchange   - y

Doron Cohen, SafeNet

Doron Grinstein, BiTKOO

Ed Coyne, Dept Veterans Affairs - y 

Ivonne Thomas, Hasso Plattner Institute

Jaap Kuipers, Amsterdam 

Jeff Broburg, CA

John Bradley  - y

John "Mike" Davis, Veteran's Affairs  - y

John Walsh, Sypris Electronics

Julian Hamersley, Adv Micro Devices

Kevin Mangold, NIST 

Marcus Streets, Thales e-Security

Marty Schleiff, The Boeing Company

Mary Ruddy, Identity Commons  - y

Massimiliano Masi, Tiani "Spirit" GmbH  

Nick Pope, Thales e-Security

Peter Alterman, NIST 

Rebecca Nielsen, Booz Allen Hamilton  - y

Rich Furr, SAFE-BioPharma Assn - y

Ronald Perez, Advanced Micro Devices

Scott Fitch, Lockheed Martin

Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A. - y

Shahrokh Shahidzadeh (Intel Corp)

Tony Rutkowski

Thomas Hardjono, M.I.T. 

William Barnhill, Booz Allen Hamilton

Observer

Cathy Tilton

 

Guest

Dick Brackney, Microsoft

60 percent of the voting members were present at the meeting.  We did have quorum.

 

2. Agenda review and approval

We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el. The chat room text is included at the end of the minutes.

Abbie proposed adding a new item: discussion of the F2F. He asked if there were any objections; hearing none, the item was added.

 
3. Approve Minutes
Don moved to approve the minutes.

Brendan seconded the motion.

There were no objections.  The minutes were approved.

 

4. Presentation on ITU-T X.1254 by

Erika McCallister, NIST

Dick Brackney, Microsoft

(Reference presentation at http://www.oasis-open.org/apps/org/workgroup/trust-el/documents.php)

And the current Text for ITU-T Recommendation X.1254 | ISO/IEC DIS 29115 is at 

http://www.oasis-open.org/apps/org/workgroup/trust-el/download.php/44751/285-17Attach1.pdf

Abbie introduced the main topic: an overview of ISO X.1254, originally based on NIST 800-63. It has been in production for several years. He welcomed Dick Brackney of Microsoft.

Dick explained that the presentation is a short overview of a joint ITU-T and ISO project. The two organizations interact via a collaborative exchange. Each organization meets on its own schedule and the results of each session go to the other body, so there is a ping-pong effect. They are near the end of a 4.5-year cycle.

Slide 2, the current status: they are near the end of the goal of publishing the document with joint common text, so the only difference is the cover page. The goal is to get it published by the end of this calendar year. The ITU-T equivalent step is to have it determined. He is one of two editors.

Slide 3, the basic challenge is how to protect system security and individual privacy during e-authentication over open networks. The NIST 800-63 approach was to identify the different levels of assurance that were needed.

Slide 4, in 800-63, there is a 5 step process. 

There was a question about whether this is based on the previous version of 800-63. [i.e., 800-63 vs. 800-63-1]

Dick responded that there isn’t a lot of difference.

Dale commented that the biggest difference is that the new version has added some requirements.

Dick responded that its title is entity authentication assurance. It is broader and includes devices. It has a more complete analysis of the controls that are needed, and careful definition of terms.

Slide 5 has the document outline. The first 5 sections are the normal clauses in any document. The heart of the document is clauses 6-10. They define 4 levels. Dick said he realizes that others might not use four levels; if you are using a different set of levels, you need to map them to the four levels. The document gives guidelines for achieving each of the four levels, then guidance, and then controls.

Shaheen asked what the definition of entity is.

Dick responded person, or non person (website, device, group).  He would have liked to see more for non persons, though this has more for non persons than most. There is more work to be done.

Slide 8 is about Clause 7, which defines all the actors. They are defined rigorously.

Slide 9 is about Clause 8, the entity assurance framework. The document is organized into phases associated with authentication. The threats and controls are organized around these three processes.

Slide 10 is about Clause 9, which contains legal and contractual provisions, etc.

Slide 11 is about Clause 10, threats and controls. The current presentation of the document could be better organized, so the organizational structure will change before it is published to be more easily understood. That is the big effort that remains before the document is released.

Slide 12 is about Clause 11, service assurance criteria. That could be another standard people should be working on.

Abbie said the trust framework document starting in ITU-T would be the doc we are referring to.

Colin said that was a pretty good summary. Concerning the service assurance criteria, there is enough material around how the IDP or RP operates a series of processes to a level that supports certification of all the parties. He clarified that this standard works on the basis that an entity can have several identities.

Dick said he looks at this doc as being a foundation doc for a trust framework.

Abbie agreed. There is not a one-to-one correspondence between identity and entity. He asked Dick about the 4 levels of trust: what is the current agreement on elevating trust within levels?

Dick recalled: if I authenticated at LOA-3, I could make a transaction at lower levels. If you initialize at LOA-2 and want to go higher, you need to re-authorize at the higher level.

Abbie asked if an LOA-3 credential can be used to authenticate at LOA-1.

Dick responded yes.

Abbie said that in our charter, we work within 4 levels, but we want to know what it would take to come almost up to the next level. He wanted the TC to be sure to be aware of this.

Colin responded that the current state is formative.  He is correct, if the transaction has a higher LOA, need to re-auth. That is where it [x.1254] leaves off. So our work starts where it ends.

Mike Davis said he understood logically how an LOA-3 credential could be used at LOA-2. Since LOA-3 is software PKI and 2 is a password/ID, these two aren't compatible. If using a credential, you would need to convert it to a lower-level token, so there is a physical aspect of how you do that.

Abbie said you could have a software token exchange service.

Abbie said this is our third deliverable, by the way. [protocol specification for elevating trust.]

Colin commented that this [x.1254] is a framework that deliberately doesn’t get into technical choices. It is very agnostic, as ISO standards tend to be today.

Dick asked would the framework allow a security token service?

Colin responded that for going down, yes.  

Bob said I think we are confusing e-authentication with conveying of the results of that dialogue. Auth could be LOA-3 PKI, but the conveyance maybe with a soft token.

Colin said we are talking about trust elevation here.  But ISO/ITU-T are not working on that.

Abbie noted that Dick had mentioned Clause 10 needs more work, but there isn't much more time in the cycle.

Dick responded that it doesn’t need more meat; it just needs a different organization.  All the info is already there. It is just a matter of formatting.

Abbie stated that the TC should take as a starting point the way X.1254 has it. There are three categories of threats, for different phases. For us to elevate trust, the first two are a given. He said everyone should read Clause 10 and use that as a foundation for organizing our use cases going forward.

Colin commented especially 10.3 and 10.4.

Abbie said the editors should get familiar with clause 10. Maybe in the meeting next week, we could focus on that clause.

Abbie thanked Dick. 

Abbie said the presentation was informative for the purpose of our meeting today.  We have to be familiar with this standard and reference it.

The next agenda item is the added item: discussion of the F2F. We had agreement from a previous meeting to have our next F2F meeting after IDtrust.

Abbie would like to see who would be interested in hosting. We haven't heard from OASIS about the funding request. He suggested we should move forward without waiting to hear from OASIS.

Brendan volunteered that CA would be happy to host in their DC or Herndon, VA office. All he would need to know is date and approximate number of attendees. His DC office only holds 10-12 people.

Abbie thanked him and said that he thought room for 10-12 would be enough as long as there is a teleconference line.

Brendan said he can provide a bridge.

Abbie asked if he heard any objections on convening the F2F.

Dale added in conjunction with IDtrust.

It would be 1 and ½ days.

Abbie commented that if it is a day and a half, we may be more comfortable being close to NIST.

Brendan said neither office is exactly close. Herndon is fine; he is not sure if folks want to come downtown. They will offer up either.

We could ask NIST if they could provide a room for the afternoon of 14th and use CA for full day on March 15th.

Rebecca said she would follow up with Peter about OASIS status. BAH may be able to host the afternoon meeting.

Dale said there are some other meeting rooms at NIST that have been used to host another meeting in the past.

Now that we have options for hosting, Abbie asked for a motion to confirm the F2F of 1.5 days, the half day after IDtrust and the day after that.

Don said he was happy to make the motion and happy to be responsible for logistics.

Mary seconded the motion.

No objections.

** Action item for the chairs to put the events on the website.

** Action item to send message to ID Commons to promote our meeting.

John confirmed that the IDTrust event is March 13 thru mid day on the 14th.

Abbie replied that we will start at 1:00 on the 14th and finish at 5:00 on the 15th.

So now we need the editors to quickly have a stable version for review.

Abbie commented that we only have a few minutes left, not enough time to do the draft justice with a full review.

Abbie asked if Verizon was still willing to provide an overview at the next TC meeting.

Dale confirmed the Verizon presentation.

Abbie said he would pencil it in on the agenda.

Abbie said for the following meeting we tentatively have a BofA person to speak on ISO TC 68, the banking auth process.  He will provide us an overview of that.  Then after that talk we will have covered the ground of the major techniques.

Abbie asked the TC if we have missed the boat somewhere. He will talk about ENISA in a future meeting. If we have missed anything, we could have them join us 2-3 weeks before the face-to-face.

**Action item for TC members to let us know if we are missing something in our technique survey.

5. Mary and Editors to provide an overview of Committee Draft of first deliverable

Mary explained that an in-process draft had been posted to the OASIS website in a new deliverable area separate from the input documents.

(http://www.oasis-open.org/apps/org/workgroup/trust-el/documents.php?folder_id=2598)

The document has all its sections, including introduction and appendices with definitions.  It now contains 20 method examples.  In this current draft I’ve broken out variations of some examples to better draw distinctions. There are additional materials that I’ve just received that will be added next.  Some of these materials are additional methods, and some are additional details about strengths and weaknesses of the current methods.

If you know of any methods that are missing, please let us know.

If you have additional comments on any of the current methods let us know.

If you see a hole where a type of method is needed, but don't know how to fill the hole, let us know. All types of input are encouraged.

Colin followed up on Mike's points: we didn't yet have a token STS scenario, which needs to be added.

It was commented that Mary and the Editors were doing an excellent job.

 

6. Attendance Update

Added John.

Abbie encouraged Intel to submit the use case for secure value tech.

** Action item for Shahrokh to submit the use case for secure value tech.

Abbie explained that we need more work on endpoint security and device identification. These are critical components. If you don't trust your device, you have a problem.

Abbie asked if there were any more issues for the last two minutes.  None were heard.

7. Conclude meeting

Rebecca made a motion to adjourn.

Dale seconded the motion.

The meeting was adjourned.

 

>>>>>>>>>>>>>>>>>>>> 

Chat room log

Please change your name from 'anonymous' using the Settings button

anonymous morphed into Mary Ruddy
abbie: agenda information
abbie: 1. Roll Call
 
2. Agenda review and Approval
 
3. Approve Minutes
 
(see http://www.oasis-open.org/apps/org/workgroup/trust-el/email/archives/201201/msg00007.html)
 
4. Presentation on ITU-T X.1254 by
Erika McCallister, NIST
Dick Brackney, Microsoft
(document at http://www.oasis-open.org/apps/org/workgroup/trust-el/documents.php)
 
and
 
the current Text for ITU-T Recommendation X.1254 | ISO/IEC DIS 29115 is at 
http://www.oasis-open.org/apps/org/workgroup/trust-el/download.php/44751/285-17Attach1.pdf
 
5. Mary and Editors to provide an overview of Committee Draft of first deliverable
 
6. Attendance Update
 
7. Conclude meeting
abbie: bridge
abbie: Passcode: 637 218 8139
 
Int'l Toll: 1-980-939-6928
abbie: 1 866 222 6652
abbie: Erica is not feeling well, hoping that Dick will cover the talk
anonymous morphed into Brendan Peter
anonymous1 morphed into John Bradley