OASIS Mailing List Archives

trust-el message

Subject: Re: [trust-el] Notes for March 5th call


Sorry I missed this. Somehow fell off my calendar.

On Mar 5, 2015 12:02 PM, "Tilton, Cathy" <Cathy.Tilton@daon.com> wrote:

Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee

March 2, 2015.

 

1. Call to Order and Welcome.

 

2. Roll Call

 

Attending (please notify me if you attended the meeting but are not on the list below)

 

Abbie Barbir, Bank of America  - y

Andrew Hughes - y

Anil Saldhana, Red Hat  

Bob Sunday

Brendan Peter, CA

Carl Mattocks, Bofa 

Cathy Tilton, Daon  - y 

Charline Duccans, DHS

Duane DeCouteau

Calvin

Colin Wallis, New Zealand Government  - y

Dale Rickards, Verizon Business 

David Brossard, Axiomatics 

Dazza Greenwood 

Debbie Bucci, NIH 

Deborah Steckroth, RouteOne LLC

Detlef Huehnlein, Federal Office for Information

Diana Proud-Madruga - y    

Diego Matute, Centrify

Don Thibeau, Open Identity Exchange - y   

Doron Cohen, SafeNet

Doron Grinstein, BiTKOO

Gershon Janssen - y

Ilene Bridges 

Ivonne Thomas, Hasso Plattner Institute

Jaap Kuipers, Amsterdam  

James Clark – Oasis

Jeff Broburg, CA

Jim Macabe (Kaiser)

John Bradley 

John "Mike" Davis, Veterans Affairs

John Walsh, Sypris Electronics

Jonas Hogberg

Julian Hamersley, Adv Micro Devices

Kevin Mangold, NIST

Lucy Lynch, ISOC

Marcus Streets, Thales e-Security

Marty Schleiff, The Boeing Company

Mary Ruddy, Identity Commons 

Massimiliano Masi, Tiani "Spirit" GmbH 

Mike Harrop

Mohammad Jafari, ESC

Peter Alterman, SAFE-BioPharma 

Peter Jones -

Rainer Hoerbe -

Rebecca Nielsen, Booz Allen Hamilton  

Rich Furr

Rick Grow - y

Ronald Perez, Advanced Micro Devices

Scott Fitch, Lockheed Martin

Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A.   

Shahrokh Shahidzadeh (Intel Corp)   

Suzanne Gonzales-Webb, VA - y

Tim McKay - y

Tony Rutkowski

Tony Nadlin

Thomas Hardjono, M.I.T.  

William Barnhill, Booz Allen Hamilton

Adrianne James, VA 

Patrick, Axiomatics

Steve Olshansky

 

We achieved quorum.

 

3. Agenda review and approval

 

We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el

 

The agenda was approved.

 

 

4. Approval of the Minutes

 

Don moved and Colin seconded approval of the minutes of the previous meeting Feb 19th.

There were no objections.

The minutes were approved.

 

5. Face-to-Face Meeting

 

F2F meeting towards the end of March-early April - would like one in CA and one in NY.  Want to co-locate with iBOPS TC meeting.  Hosts are needed.

ACTION:  Send out ballot to agree time for F2F.

 

6. Editors Update (Andrew Hughes)

 

We discussed the Trust Elevation Architecture.  See Architecture slides, v04:  https://www.oasis-open.org/apps/org/workgroup/trust-el/document.php?document_id=55208.  In particular, the TE method determiner - interface requirements.

 

- Method determiner called by PDP - current LoA and method & desired LoA - determines suitable method(s) for elevation
- Abbie - missing: Available methods on a device at a given time - determined at enrollment. Make sure we have all blocks on the figure.
- Needs to be plug-and-play with FIDO
- Different degrees of trust in different authenticators
- API must support exchange of attributes, available authenticators
- How to register device capabilities (at registration). At transaction time, select from available methods.
- Question (Andrew): How will this scale?
- Abbie: Trust elevation determiner may not be totally local. Set of available methods may not be static
- Andrew (restating): Relationship of TE repository & determiner. Repository should be a composite of local storage & other metadata, some of which may be dynamically fetched. In diagram, some of this responsibility was pushed to the PIP. Assumed the content of the TE repository was static - loaded at registration
- Abbie: Need to be more dynamic - things change. Attributes are ranges and are not absolute
- Slide 4: Andrew made the following notes on this slide:
  - The target LOA may not be achievable; it is based on capabilities of the end point
  - The MD should be able to contact the end point to see what it can do at that point in time, not based strictly on the enrollment point in time
  - Needs to be plug and play with FIDO's approach today
  - Each enrolled device will get a unique number representing capabilities, so at provisioning the AP will know the capabilities of the device
  - Must assume that the authenticator can come from an external server
  - FIDO authenticator is built into the Windows interface today (will end up in AD)
  - Invalid assumption that the TE Method is local; TE MD must be able to communicate with many authenticators
  - FIDO metadata is at the FIDO server
  - TE MR is multipart: local copy of metadata; ability to query external metadata repositories; and maybe dynamic query of current device/endpoint capabilities
  - Together, there will be a way to figure out paths from one AL to another AL & what current-time methods are possible
  - MD should know in advance what the possible capabilities/methods are (combination of provisioning-time and transaction-time states)
  - The capability must be invoked to discover the current value (which is a range, not a simple value)
  - Active TEM selection at transaction time based on pre-loaded capabilities at provisioning time
  - ** Read the profiles at FIDO **
  - Should look at case of a jailbroken device that is not secured vs. a jailbroken device that is actively made secure
  - Any TE Method should be able to signal to the relying party that the original assumptions/metadata have changed
  - This is a change in the baseline security trust of the device itself
  - This is all the responsibility of the RP, but the protocol must be able to communicate that there was a status/state change in the device (security baseline, capability, different device vs. what was enrolled)
- ACTION: Abbie to send links to documents
- Abbie: One authenticator not addressed - use case - phone unlocked by PIN, phone is rooted, default passwords - does this affect level of trust? Assumptions may have changed. Metadata should address. Changes value of attributes; nature of trust environment has changed.
- Where does responsibility lie? RP, but protocol must address. Flexible metadata.
- Andrew: Is TE about discovering or recording capabilities? Both.
- Andrew: Trying to narrow scope to TE determiner, but too simplistic.

 

7. ITU-T Liaison statement

 

Abbie:  Addition to agenda - liaison to SG17, send draft of our deliverables with goal of them becoming ITU-T recommendations.  Also send our slides.  Want our work to be adopted during the study period.  As a second stage, decide what should go to ISO.

 

Motion to send a liaison statement to ITU-T (Cathy T/ Don T) - no objections - motion approved.

ACTION:  Abbie to send liaison statement.

 

8. Adjourn

 

Gershon moved to adjourn the meeting.  Colin seconded the motion.
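The following is an added toy model of the TE method determiner discussed under the editors' update above; it is not TC or any project's code. It assumes a constructed metadata repository where each method lifts a range of assurance levels (not a single value) and needs one enrolled capability, assumes a policy that platform-bound capabilities are unusable on a rooted device, and returns both the method path from the current LoA to the desired LoA and a flag that the device state differs from what was enrolled.

```python
from collections import deque

# Constructed metadata repository (assumption): each method lifts a *range*
# of starting assurance levels to a target level and needs one device
# capability registered at provisioning to be usable.
METHODS = {
    "otp_sms":  {"from": (1, 1), "to": 2, "needs": "phone_number"},
    "fido_uaf": {"from": (1, 2), "to": 3, "needs": "fido_authenticator"},
    "pki_card": {"from": (2, 3), "to": 4, "needs": "smartcard_reader"},
}
# Assumed policy: a capability whose trust rests on the platform itself is
# not usable once the endpoint reports a rooted/jailbroken baseline.
PLATFORM_BOUND = {"fido_authenticator"}

def usable_capabilities(enrolled, live):
    """Capabilities usable now: enrolled at provisioning, still reported by
    the endpoint at transaction time, and not voided by a baseline change."""
    caps = set(enrolled) & set(live.get("capabilities", []))
    if live.get("rooted"):
        caps -= PLATFORM_BOUND
    return caps

def determine(current_loa, target_loa, enrolled, live):
    """Called by the PDP with current and desired LoA. Breadth-first search
    over assurance levels returns the shortest chain of methods that reaches
    target_loa, plus a flag the RP can use when the device's state differs
    from what was enrolled (the status/state change the minutes ask for)."""
    caps = usable_capabilities(enrolled, live)
    changed = bool(live.get("rooted")) or set(live.get("capabilities", [])) != set(enrolled)
    queue, seen = deque([(current_loa, [])]), {current_loa}
    while queue:
        loa, path = queue.popleft()
        if loa >= target_loa:
            return {"reachable": True, "path": path, "baseline_changed": changed}
        for name, m in METHODS.items():
            lo, hi = m["from"]
            if lo <= loa <= hi and m["needs"] in caps and m["to"] not in seen:
                seen.add(m["to"])
                queue.append((m["to"], path + [name]))
    return {"reachable": False, "path": [], "baseline_changed": changed}

if __name__ == "__main__":
    enrolled = ["phone_number", "fido_authenticator", "smartcard_reader"]
    print(determine(1, 3, enrolled, {"capabilities": enrolled}))
    print(determine(1, 3, enrolled, {"capabilities": enrolled, "rooted": True}))
```

On the rooted device the FIDO path is dropped and the determiner falls back to a longer chain while flagging the baseline change, which is the signal to the RP the minutes call for.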

 


