2.5.13 Securely Available Credentials (sacred) bof

Current Meeting Report


Tuesday August 1, 1700-1800

1. agenda bashing (0-5 mins)
2. scene setting (5 mins) Magnus Nystrom
3. more use cases (5 mins) Al Arsenaut
4. relevant IEEE P1363 work items (5 mins) Ari Singer
5. draft-farrell-sacred-00.txt (5 mins) Stephen Farrell
6. draft-perlman-strong-pass-00.txt (5 mins) Radia Perlman
see also: http://www.isoc.org/isoc/conferences/ndss/99/proceedings/papers/perlman.pdf
7. WG charter discussion (~30 mins)


Minutes of the IEFT sacred BOF session.

We met for an hour on Tuesday, Aug 1. Approx. 110 people attended (not bad given the collision with TLS).

Ernie Brickell agreed to act as note taker.

Magnus Nystrom, cochair of the BOF, gave presentation on Setting the Scene, which motivated the need for a standard to allow users to remotely access credentials.

Al Arsenault , gave perspective from wireless PKI. Points that were stressed were:

Comment from audience that we wanted to be sure that the use of hardware tokens for storage of mobile credentials was covered in the charter. Steve Farrell assured him that this was in the charter.

Next Speaker - Ari Singer. The IEEE P1363 standard is coming out soon. It covers three families of algorithms, discrete exponentiation, elliptic curves, and integer factoring based. The IEEE P1363A, the first addendum is being worked on now. They are looking at lattice based algorithms and attributes. There is a project authorization request for new work on password based authenticated key exchange, which is relevant to sacred. The next meeting on this is after the Crypto converence, Aug. 24, in Santa Barbara. They should know soon after this whether this will be worked on as part of P1363. If this piece of work is accepted, the expected time to completion will be 1.5 to 2 years.

Stephen Farrell, cochair of the BOF. Gave presentation on proposed requirements and an example protocol. Mentioned numerous times that the example protocol was given to help think about what the issues were, and not as a proposed protocol. Emphasized the point that the protocol should work for multiple types of credentials, and should treat the credential as opaque. Question from audience about whether the protocol would support authentication methods other than passwords, for example SecureID, for the authentication prior to the download of a credential. Stephen stated that the plan is to support a framework that could allow SecureID.

Question from audience about the purpose of the direct protocol. Is it just for efficiency, since it seems that the functionality could be achieved with a server? Response that it was needed for efficiency, but the point was made that the direct method would be of use between two device that were non web connected devices.

Radia Perlman presented a method for password based authenticated key exchange. They motivated their work by stating that they wanted to have a method for password based authenticated key exchange that was not encumbered by any patents. They believe they have done this (to their actual knowledge). They believe that their scheme is as efficient as other schemes. There is also an efficiency improvement if the user remembers one extra character in addition to their password.

There was a question from the audience about whether SRP could be used. Their response was that SRP had issues, that it had not been closely examined, and that it was patented, and that it might be covered by the Bellovin - Merritt patent. There was a response from the audience that it was not patented, and that IESG would not have approved it if it had been patented. This last point was disputed. However, this discussion ended with confusion about the patent position of SRP.

Stephen Farrell led a discussion on the draft charter for the BOF. Most of the participants had not read the charter. He displayed the charter on the screen, and summarized key points of the charter.

One question from the audience was whether the charter should include credentials other than PKI. Stephen responded that we would prefer not to consider other credentials, for example credit cards.

Steve Bellovin pointed out there was some overlap between the charter of sacred and items being considered in ipsra. There was several comments about the similarities and differences. Ipsra has a requirement to work with legacy systems, which precludes some technology, and the users of ipsra might not have a credential. The conclusion was that if ipsra wanted to
transfer a piece of their work to sacred, then sacred would support requirements for ipsra.

There was a question about adding to the requirements to address access control after the user has obtained the credential. However, this was stated as being out of scope for sacred.

Stephen Farrell asked for any objections to the charter. There were none raised.

David Jablon was the last speaker and spoke on the benefits of using a password based authenticated key exchange. Mentioned that there were 3 or 4 additional methods for this under discussion at P1363. Made the point that if you don't have to interoperate with legacy infrastructure, then you can use these new methods.


IEEE P1363 Working Group Overview for IETF-SACRED
Secure Password-Based Download of Security Info