This Working Group did not meet
NOTE: This charter is a snapshot of the 59th IETF Meeting in Seoul, Korea. It may now be out-of-date.
Last Modified: 2003-12-11
When enrolling a service consumer with a service provider, three pieces of information need to be provided or created in order to support authentication of the service consumer to the service provider (and vice versa) and to allow additional security services to be provided for any information exchanged. These pieces of data are:
1. An identifier, within a namespace controlled by the service provider, for the service consumer.
2. Keying information to be used for identity confirmation.
3. A set of service consumer permissions. These permissions describe to the provider the services that the consumer wants to access, and they describe to the consumer what services offered by the provider will be accessible.
Each of these data items could be created by either the consumer or provider at any point during the enrollment process.
This group will create a model to be used in describing enrollment procedures and create a document describing a framework for how this is to be done. The group will then produce three documents profiling the use of the framework for the following types of keying material:
1. A shared secret key.
2. A bare asymmetric key.
3. A bound asymmetric key (such as an X.509 certificate).
As part of the validation of the framework, the group will examine how other real world enrollment procedures could be profiled. For example, credit card information might be part of the input to the enrollment process.
Nov 03 | First draft of model
Feb 04 | Last call on model document
Feb 04 | First draft of Framework document
May 04 | First draft of secret key profile
May 04 | First draft of bare asymmetric key profile
May 04 | First draft of bound asymmetric key profile
Jun 04 | Last call on module document
Oct 04 | Last call on secret key profile
Oct 04 | Last call on bare asymmetric key profile
Oct 04 | Last call on bound asymmetric key profile