[ietf-enroll] Progress; not meeting in Seoul

Randy Turner rturner at amalfisystems.com
Tue Feb 10 14:59:05 EST 2004 

Hi Paul,

In conjunction with the DSL Forum, I have been working on a system that 
utilizes a cryptographic bootstrap mechanism that is the beginning of 
an auto-enrollment process into a public key infrastructure. The trick 
in doing this has always been how to create the "initial authenticator" 
that can be used to initially identify the user to the PKI registration 
authority. The end user equipment that is facilitating this enrollment 
is a piece of broadband CPE gear (like a DSL residential gateway). Once 
the initial authentication has completed and auto-enrollment in the PKI 
has also completed, broadband services and capabilities are authorized 
through a "voucher" mechanism that is signed by the service provider 
that is authorizing the service.

Looking at the charter for the ietf-enroll group, it looks like there 
might be a fit for the initial authentication problem that we are 
trying to solve (we already have an interim solution but there are 
probably other alternatives that this WG could come up with). The 
charter also mentions authorization of capabilities for service 
provider customers, which is something that is also a part of the 
broadband services framework I have been working with.

Let me know if this framework sounds like a fit for the activities of 
the WG.  From reading of the charter, I think there may be, but I 
wanted a second opinion. The DSL Forum is not necessarily a standards 
organization, but is rather a group that formulates "profiles" and 
recommendations for how to use existing standards, many of which are 
derived from IETF work. That is why I am soliciting an opinion on this 
work from you guys, since the IETF is more formally engaged in 
standards development.

Regards,
Randy


On Feb 5, 2004, at 7:47 PM, Paul Hoffman / VPNC wrote:

On Feb 5, 2004, at 7:47 PM, Paul Hoffman / VPNC wrote:

> Greetings again. The list has been waaaay too quiet over the past few 
> months. We need to find a way to make some forward progress. 
> Suggestions  are welcome.
>
> Given that we aren't even sure what our requirements are, I believe 
> that it is not appropriate to have a face-to-face meeting until we 
> have a clearer direction. Thus, I have not asked for a slot at the 
> Seoul IETF meeting. This is not an admission of failure, just a strong 
> prod for us to get our act together on the mailing list so that we can 
> have more productive face-to-face meetings.
>
> --Paul Hoffman, Director
> --VPN Consortium
> _______________________________________________
> ietf-enroll mailing list
> ietf-enroll at mit.edu
> https://mailman.mit.edu/mailman/listinfo/ietf-enroll
>

More information about the ietf-enroll mailing list