<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title>Minutes for the ENROLL Meeting, IETF 60</title>
</head>
<body text="#000000" bgcolor="#ffffff">
Minutes for the ENROLL Meeting<br>
IETF 60<br>
August 2, 2004<br>
<br>
1. Agenda: Hoffman presented the agenda: agenda bashing (Hoffman),
draft-pritikin-ttimodel (Pritikin), comments on the ttimodel draft
(Schaad), where do we go?, and revisions of milestones.<br>
<br>
2. Trusted Transitive Introduction Model: Pritikin presented an overview
of the ttimodel draft. The model is essentially that of a secure
introductions system, which is a third party that facilitates the
&ldquo;out of band&rdquo; exchanges between systems trying to establish
authentication. The process is recursive, so the more stages you go
through, the more systems you can communicate securely with. A basic
low-security exchange must occur as the first step, but this may take
place during manufacturing or staging over a physically secure link
(i.e., a short wire). This initial introduction would allow the device to
&ldquo;imprint&rdquo; on its first connection, establishing basic
policies, initial credentials, etc.<br>
<br>
Somebody asked for clarification that you don&rsquo;t have to establish
initial credentials or policy during the initial imprint, but it&rsquo;s
a good idea to do so. Pritikin agreed that this was the case. He
suggested that competitive pressure would drive vendors to do more during
the initial imprint, because it gives you a competitive advantage over
other products that do less.<br>
<br>
Kumar (from Panasonic) asked how, if you&rsquo;re making lots of small
devices, you can stop the production line to initialize each. Pritikin
noted that this complex configuration may not be common, and that simpler
examples may be the norm for small devices. Bonatti asked for
clarification that this initial step was analogous to a manufacturing
initialization, like loading a unique serial number onto an Ethernet
adapter. Pritikin agreed, and Hoffman amplified, noting that yes, but it
is an operation unique to ENROLL.<br>
<br>
Randy Turner remarked that mass marketing was a unique environment, and
that he would like to see the existence proof for this concept. Pritikin
noted that the communication paths exist in the &ldquo;out of band&rdquo;
case. It&rsquo;s merely a question of whether your model takes advantage
of that in a way that you can build on in a structured way. Pritikin
proposed that we evaluate whether this approach is a good way forward for
ENROLL, and finalize the draft as a WG document.<br>
<br>
3. Comments on Trusted Transitive Introduction Model: Schaad presented
some prepared comments on the ttimodel draft. He stated that he does not
think that the existing document does a good job at what a model document
should be. However, he thinks that the model implied makes sense. He
presented an alternate view of the model using the roles of Petitioner,
Registrar, and Introducer. He noted that in some scenarios the introducers
might not be the same entity for authenticating the Petitioner to the
Registrar and vice versa. He equated his &ldquo;mediated&rdquo; model with
what is presented in the ttimodel draft.<br>
<br>
Randy Turner summarized Schaad&rsquo;s comments by referring to the
&ldquo;Goal of ENROLL&rdquo; slide. To wit, produce a document that:
describes a model of doing introduction; describes security aspects of
the model; allows designers of protocols to evaluate their protocol
against the model. Randy suggested that Schaad was saying that the TTI
model does the first, but not the second. Schaad responded that he was
looking for something higher level that compared different approaches.
Pritikin was happy to add more models to the document to address
Jim&rsquo;s concerns.<br>
<br>
4. Milestones: Hoffman was unsure whether the work could be completed in
a year and asked who is interested. Many raised their hands and it was
agreed to press forward with the work under the assumption that it should
be completed within the year.<br>
<br>
Cheers,<br>
<br>
spt
</body>
</html>