[ietf-enroll] Updated Charter

Jim Schaad jimsch at nwlink.com
Mon May 12 02:26:35 EDT 2003


Here is the updated charter based on the comments that I have seen on
the list. Max, I have not completely ignored your comments; however, I
feel that many of them deal with what the model should look like rather
than the scope of the work of the group and have therefore not directly
incorporated them.

Jim


Description of Working Group:

There are many cases where a service consumer needs to obtain credential
information from a service provider and provide for some type of
information for validation of identity.  This working group will look at
some of the cases dealing with the use of cryptographic algorithms for
providing this information.

When doing enrollment of a service consumer against a service provider,
three pieces of information need to be provided or created in order to
support authentication of the service consumer to the service provider
(and vice versa) and to allow for additional security services to be
provided for any information exchanged.  These pieces of data are:

1.	The "entity label" for the service consumer,
2.	A piece of keying information to be used,
3.	A set of permissions for operations for the service consumer.

Each of these data items could be created by either the consumer or
provider at any point during the enrollment process.

This group will create a model to be used in describing enrollment
procedures and create a document for a framework for how this is to be done.
The group will then produce three documents profiling the use of the
framework for the following cases:

1.	A shared secret key
2.	A bare asymmetric key
3.	A bound asymmetric key (e.g. an X.509 certificate).

As part of the validation of the framework, the group will examine how
other real world enrollment procedures could be profiled.  (An example
of this would be credit card usage.)

Goals and Milestones:

Sept 2003	First draft of model
Dec 2003	Last call on model document
Nov 2003	First draft of Framework document
April 2004	Last call on module document
March 2004	First draft of secret key profile
March 2004	First draft of bare asymmetric key profile
March 2004	First draft of bound asymmetric key profile
Aug 2004	Last call on secret key profile
Aug 2004	Last call on bare asymmetric key profile
Aug 2004	Last call on bound asymmetric key profile


