Subject: Re: [trust-el] Notes for March 5th call
Sorry I missed this. Somehow fell off my calendar.
Minutes for the meeting of the Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee
March 2, 2015.
1. Call to Order and Welcome.
2. Roll Call
Attending (please notify me if you attended the meeting but are not on the list below)
Abbie Barbir, Bank of America - y
Andrew Hughes - y
Anil Saldhana, Red Hat
Bob Sunday
Brendan Peter, CA
Carl Mattocks, Bofa
Cathy Tilton, Daon - y
Charline Duccans, DHS
Duane DeCouteau
Calvin
Colin Wallis, New Zealand Government - y
Dale Rickards, Verizon Business
David Brossard, Axiomatics
Dazza Greenwood
Debbie Bucci, NIH
Deborah Steckroth, RouteOne LLC
Detlef Huehnlein, Federal Office for Information
Diana Proud-Madruga - y
Diego Matute, Centrify
Don Thibeau, Open Identity Exchange - y
Doron Cohen, SafeNet
Doron Grinstein, BiTKOO
Gershon Janssen - y
Ilene Bridges
Ivonne Thomas, Hasso Plattner Institute
Jaap Kuipers, Amsterdam
James Clark – Oasis
Jeff Broburg, CA
Jim Macabe (Kaiser)
John Bradley
John "Mike" Davis, Veterans Affairs
John Walsh, Sypris Electronics
Jonas Hogberg
Julian Hamersley, Adv Micro Devices
Kevin Mangold, NIST
Lucy Lynch ISOC
Marcus Streets, Thales e-Security
Marty Schleiff, The Boeing Company
Mary Ruddy, Identity Commons
Massimiliano Masi, Tiani "Spirit" GmbH
Mike Harrop
Mohammad Jafari, ESC
Peter Alterman, SAFE-BioPharma
Peter Jones -
Rainer Hoerbe -
Rebecca Nielsen, Booz Allen Hamilton
Rich Furr
Rick Grow - y
Ronald Perez, Advanced Micro Devices
Scott Fitch, Lockheed Martin
Shaheen Abdul Jabbar, JPMorgan Chase Bank, N.A.
Shahrokh Shahidzadeh (Intel Corp)
Suzanne Gonzales-Webb, VA - y
Tim McKay - y
Tony Rutkowski
Tony Nadlin
Thomas Hardjono, M.I.T.
William Barnhill, Booz Allen Hamilton
Adrianne James, VA
Patrick, Axiomatics
Steve Olshansky
We achieved quorum.
2. Agenda review and approval
We used the following chat room for the call: http://webconf.soaphub.org/conf/room/trust-el
The agenda was approved.
3. Approval of the Minutes
Don moved and Colin seconded approval of the minutes of the previous meeting Feb 19th.
There were no objections.
The minutes were approved.
4. Face-to-Face Meeting
F2F meeting towards the end of March-early April - would like one in CA and one in NY. Want to co-locate with iBOPS TC meeting. Hosts are needed.
ACTION: Send out ballot to agree time for F2F.
5. Editors Update (Andrew Hughes)
We discussed the Trust Elevation Architecture. See Architecture slides, v04: https://www.oasis-open.org/apps/org/workgroup/trust-el/document.php?document_id=55208. In particular, the TE method determiner - interface requirements.
· Method determiner is called by the PDP with the current LoA and method and the desired LoA; it determines suitable method(s) for elevation
· Abbie - missing: Available methods on a device at a given time - determined at enrollment. Make sure we have all blocks on the figure.
· Needs to be plug-and-play with FIDO
· Different degrees of trust in different authenticators
· API must support exchange of attributes, available authenticators
· How register device capabilities (at registration). At transaction time, select from available methods.
· Question (Andrew): How will this scale?
· Abbie: Trust elevation determiner may not be totally local. Set of available methods may not be static
· Andrew (restating): Relationship of TE repository & determiner. Repository should be a composite of local storage & other metadata, some of which may be dynamically fetched. In diagram, some of this responsibility was pushed to the PIP. Assumed the content of the TE repository was static - loaded at registration
· Abbie: Need to be more dynamic - things change. Attributes are ranges and are not absolute
· Slide 4: Andrew made the following notes on this slide:
o The target LoA may not be achievable; it depends on the capabilities of the end point
o The MD should be able to contact the end point to see what it can do at that point in time, not based strictly on the enrollment point in time
o Needs to be plug and play with FIDO's approach today
o Each enrolled device will get a unique number representing capabilities so at provisioning the AP will know the capabilities of the device
o Must assume that the authenticator can come from an external server
o FIDO authenticator is built into the Windows interface today (will end up in AD)
o The assumption that the TE Method is local is invalid; the TE MD must be able to communicate with many authenticators
o FIDO metadata is at the FIDO server
o TE MR is multipart local copy of metadata; ability to query external metadata repositories, and maybe dynamic query of current device/endpoint capabilities
o Together, there will be a way to figure out paths from one AL to another AL & what current-time methods are possible
o MD should know in advance what the possible capabilities/methods are (combination of provisioning-time and transaction time states)
o The capability must be invoked to discover the current value (which is a range, not a simple value)
o Active TEM selection at transaction time based on pre-loaded capabilities at provisioning time
o ** Read the profiles at FIDO **
o Should look at the case of a jailbroken device that is not secured vs. a jailbroken device that is actively made secure
o Any TE Method should be able to signal to the relying party that the original assumptions/metadata have changed
o This is a change in the baseline security trust of the device itself
o This is all the responsibility of the RP but the protocol must be able to communicate that there was a status/state change in the device (security baseline, capability, different device v what was enrolled)
· ACTION: Abbie to send links to documents
· Abbie: One authenticator not addressed - use case - phone unlocked by PIN, phone is rooted, default passwords - does this affect level of trust? Assumptions may have changed. Metadata should address. Changes value of attributes; nature of trust environment has changed.
· Where does responsibility lie? RP, but protocol must address. Flexible metadata.
· Andrew: Is TE about discovering or recording capabilities? Both.
· Andrew: Trying to narrow scope to TE determiner, but too simplistic.
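The determiner interface discussed above (current LoA and method plus desired LoA in, suitable methods out), modelled as an added Python example that is not the TC's code or specification. The method catalogue, the LoA ladder 1-4 and the EndpointState fields are constructed assumptions; the example covers the cases raised in the notes: provisioning-time vs. transaction-time capabilities, a target LoA the end point cannot reach, and a device whose security baseline changed since enrollment.

```python
from dataclasses import dataclass

# Constructed, illustrative method catalogue (not the TC's metadata format):
# each method maps to the LoA it can elevate to and whether it relies on the
# device's security baseline (e.g. a platform authenticator on an intact OS).
METHOD_CATALOGUE = {
    "password":       {"reaches": 1, "needs_intact_device": False},
    "otp_app":        {"reaches": 2, "needs_intact_device": True},
    "fido_platform":  {"reaches": 3, "needs_intact_device": True},
    "hardware_token": {"reaches": 4, "needs_intact_device": False},
}


@dataclass
class EndpointState:
    enrolled: frozenset            # capabilities recorded at provisioning time
    available_now: frozenset       # capabilities discovered at transaction time
    baseline_intact: bool = True   # False if the device reports a changed baseline


def determine_methods(current_loa, desired_loa, endpoint):
    """Method determiner: return (candidate methods, weakest sufficient first)
    and the status signals the relying party needs to see."""
    signals = []
    if desired_loa <= current_loa:
        return [], ["no elevation needed"]
    # Only methods both enrolled and usable right now count; an enrolled
    # method that is missing now is a state change worth reporting.
    usable = set(endpoint.enrolled & endpoint.available_now)
    if endpoint.enrolled - endpoint.available_now:
        signals.append("enrolled capability unavailable at transaction time")
    if not endpoint.baseline_intact:
        # The RP decides what to do; the determiner only refuses to rely on
        # methods that assume an intact device, and reports the change.
        signals.append("device security baseline changed since enrollment")
        usable = {m for m in usable if not METHOD_CATALOGUE[m]["needs_intact_device"]}
    candidates = sorted(
        (m for m in usable if METHOD_CATALOGUE[m]["reaches"] >= desired_loa),
        key=lambda m: METHOD_CATALOGUE[m]["reaches"])
    if not candidates:
        best = max([METHOD_CATALOGUE[m]["reaches"] for m in usable] + [current_loa])
        signals.append(f"target LoA {desired_loa} not achievable; best reachable is {best}")
    return candidates, signals
```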
6. ITU-T Liaison statement
Abbie: Addition to agenda - liaison to SG17, send draft of our deliverables with goal of them becoming ITU-T recommendations. Also send our slides. Want our work to be adopted during the study period. As a second stage, decide what should go to ISO.
Motion to send a liaison statement to ITU-T (Cathy T/ Don T) - no objections - motion approved.
ACTION: Abbie to send liaison statement.
6. Adjourn
Gershon moved to adjourn the meeting. Colin seconded the motion.