Subject: Notes for March 5th call
Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee, March 2, 2015.

1. Call to Order and Welcome

2. Roll Call

Attending (please notify me if you attended the meeting but are not on the list below):

Abbie Barbir, Bank of America - y
Andrew Hughes - y
Anil Saldhana, Red Hat
Bob Sunday
Brendan Peter, CA
Carl Mattocks, BofA
Cathy Tilton, Daon - y
Charline Duccans, DHS
Duane DeCouteau
Calvin
Colin Wallis, New Zealand Government - y
Dale Rickards, Verizon Business
David Brossard, Axiomatics
Dazza Greenwood
Debbie Bucci, NIH
Deborah Steckroth, RouteOne LLC
Detlef Huehnlein, Federal Office for Information
Diana Proud-Madruga - y
Diego Matute, Centrify
Don Thibeau, Open Identity Exchange - y
Doron Cohen, SafeNet
Doron Grinstein, BiTKOO
Gershon Janssen - y
Ilene Bridges
Ivonne Thomas, Hasso Plattner Institute
Jaap Kuipers, Amsterdam
James Clark, OASIS
Jeff Broburg, CA
Jim Macabe (Kaiser)
John Bradley
John "Mike" Davis, Veteran's Affairs
John Walsh, Sypris Electronics
Jonas Hogberg
Julian Hamersley, Adv Micro Devices
Kevin Mangold, NIST
Lucy Lynch, ISOC
Marcus Streets, Thales e-Security
Marty Schleiff, The Boeing Company
Mary Ruddy, Identity Commons
Massimiliano Masi, Tiani "Spirit" GmbH
Mike Harrop
Mohammad Jafari, ESC
Peter Alterman, SAFE-BioPharma
Peter Jones -
Rainer Hoerbe -
Rebecca Nielsen, Booz Allen Hamilton
Rich Furr
Rick Grow - y
Ronald Perez, Advanced Micro Devices
Scott Fitch, Lockheed Martin
Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A.
Shahrokh Shahidzadeh (Intel Corp)
Suzanne Gonzales-Webb, VA - y
Tim McKay - y
Tony Rutkowski
Tony Nadlin
Thomas Hardjono, M.I.T.
William Barnhill, Booz Allen Hamilton
Adrianne James, VA
Patrick, Axiomatics
Steve Olshansky

We achieved quorum.

3. Agenda Review and Approval

We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el

The agenda was approved.

4. Approval of the Minutes

Don moved and Colin seconded approval of the minutes of the previous meeting, Feb 19th. There were no objections. The minutes were approved.

5. Face-to-Face Meeting

F2F meeting towards the end of March / early April; would like one in CA and one in NY. Want to co-locate with the iBOPS TC meeting. Hosts are needed.

ACTION: Send out ballot to agree a time for the F2F.

6. Editors Update (Andrew Hughes)

We discussed the Trust Elevation Architecture. See Architecture slides, v04: https://www.oasis-open.org/apps/org/workgroup/trust-el/document.php?document_id=55208

In particular, the TE method determiner interface requirements:

- Method determiner is called by the PDP with the current LoA and method and the desired LoA; it determines suitable method(s) for elevation.
- Abbie - missing: available methods on a device at a given time, determined at enrollment. Make sure we have all blocks on the figure.
- Needs to be plug-and-play with FIDO.
- Different degrees of trust in different authenticators.
- API must support exchange of attributes and available authenticators.
- How to register device capabilities (at registration). At transaction time, select from available methods.
- Question (Andrew): How will this scale?
- Abbie: Trust elevation determiner may not be totally local. Set of available methods may not be static.
- Andrew (restating): Relationship of TE repository and determiner. Repository should be a composite of local storage and other metadata, some of which may be dynamically fetched. In the diagram, some of this responsibility was pushed to the PIP. Assumed the content of the TE repository was static, loaded at registration.
- Abbie: Need to be more dynamic; things change. Attributes are ranges and are not absolute.
Slide 4: Andrew made the following notes on this slide:

- The target LOA may not be achievable; it is based on the capabilities of the end point.
- The MD should be able to contact the end point to see what it can do at that point in time, not based strictly on the enrollment point in time.
- Needs to be plug and play with FIDO's approach today.
- Each enrolled device will get a unique number representing capabilities, so at provisioning the AP will know the capabilities of the device.
- Must assume that the authenticator can come from an external server.
- FIDO authenticator is built into the Windows interface today (will end up in AD).
- Invalid assumption that the TE Method is local; the TE MD must be able to communicate with many authenticators.
- FIDO metadata is at the FIDO server.
- TE MR is a multipart local copy of metadata; ability to query external metadata repositories, and maybe dynamic query of current device/endpoint capabilities.
- Together, there will be a way to figure out paths from one AL to another AL and what current-time methods are possible.
- MD should know in advance what the possible capabilities/methods are (combination of provisioning-time and transaction-time states).
- The capability must be invoked to discover the current value (which is a range, not a simple value).
- Active TEM selection at transaction time based on pre-loaded capabilities at provisioning time.
- ** Read the profiles at FIDO **
- Should look at the case of a jailbroken device that is not secured v. a jailbroken device that is actively made secure.
- Any TE Method should be able to signal to the relying party that the original assumptions/metadata have changed.
- This is a change in the baseline security trust of the device itself.
- This is all the responsibility of the RP, but the protocol must be able to communicate that there was a status/state change in the device (security baseline, capability, different device v. what was enrolled).
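The determiner behaviour sketched in these notes (current and desired LoA in from the PDP, suitable methods out; provisioning-time capabilities in a repository; a transaction-time query of the endpoint; a status-change signal to the RP when the baseline differs from what was enrolled) as an added Python illustration. This is not code from the TC or from the architecture deck; the method names, LoA numbers, repository layout and the `probe_device` query are constructed assumptions, and `live_state` stands in for whatever the endpoint would actually report.

```python
from collections import deque
from dataclasses import dataclass
@dataclass(frozen=True)
class Method:
    name: str      # TE method / authenticator identifier (constructed names)
    min_from: int  # lowest LoA the method can be invoked from
    reaches: int   # LoA the method yields when it succeeds

# Provisioning-time TE metadata repository (constructed sample): capabilities
# and security baseline recorded for each device at enrollment.
REPOSITORY = {
    "device-42": {
        "enrolled": (Method("password", 0, 1), Method("otp-app", 1, 2),
                     Method("fido-biometric", 1, 3)),
        "baseline": "secured",
    }
}

def probe_device(device_id, live_state):
    """Transaction-time endpoint query (hypothetical). Returns (usable methods, RP notices)."""
    record = REPOSITORY[device_id]
    notices = []
    if live_state["baseline"] != record["baseline"]:
        notices.append(f"baseline changed: {record['baseline']} -> {live_state['baseline']}")
    present = set(live_state["authenticators"])
    missing = sorted(m.name for m in record["enrolled"] if m.name not in present)
    if missing:
        notices.append(f"enrolled methods unavailable: {missing}")
    usable = [m for m in record["enrolled"] if m.name in present]
    if live_state["baseline"] == "jailbroken-unsecured":
        # Compromised baseline: cap what local authenticators may assert.
        usable = [Method(m.name, m.min_from, min(m.reaches, 1)) for m in usable]
    return usable, notices

def determine(device_id, current_loa, target_loa, live_state):
    """Method determiner as called by the PDP: returns (ordered elevation path or None, RP notices)."""
    usable, notices = probe_device(device_id, live_state)
    if current_loa >= target_loa:
        return [], notices
    # Breadth-first search over LoA levels; each usable method is an edge.
    queue, seen = deque([(current_loa, [])]), {current_loa}
    while queue:
        loa, path = queue.popleft()
        for m in usable:
            if m.min_from <= loa and m.reaches > loa and m.reaches not in seen:
                if m.reaches >= target_loa:
                    return path + [m.name], notices
                seen.add(m.reaches)
                queue.append((m.reaches, path + [m.name]))
    return None, notices
```

A `None` path is the "target LOA not achievable from this endpoint" outcome; the notices list is what the RP would receive when the device's state no longer matches the enrollment record.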
- ACTION: Abbie to send links to documents.
- Abbie: One authenticator not addressed - use case - phone unlocked by PIN, phone is rooted, default passwords - does this affect level of trust? Assumptions may have changed. Metadata should address. Changes value of attributes; nature of trust environment has changed.
- Where does responsibility lie? RP, but protocol must address. Flexible metadata.
- Andrew: Is TE about discovering or recording capabilities? Both.
- Andrew: Trying to narrow scope to TE determiner, but too simplistic.

7. ITU-T Liaison Statement

Abbie: Addition to agenda - liaison to SG17, send draft of our deliverables with the goal of them becoming ITU-T recommendations. Also send our slides. Want our work to be adopted during the study period. As a second stage, decide what should go to ISO.

Motion to send a liaison statement to ITU-T (Cathy T / Don T) - no objections - motion approved.

ACTION: Abbie to send liaison statement.

8. Adjourn

Gershon moved to adjourn the meeting. Colin seconded the motion.