SAAG Minutes, August 2004
There were working group and BoF reports from PERM, SASL, KRBWG, INCH, PKIX, SMIME, LTANS, MOBIKE, PKI4IPSEC, ENROLL, MSEC, KITTEN, ISMS, and MASS. See the individual WG's minutes for details.
Joe Touch gave a talk on Anonymous IPsec (draft-touch-anonsec-00.txt).
Jordi Palet spoke on IPv6 Distributed Security; again, see the slides.
Ian Bryant proposed work on exploit reporting.
During the open mike session, the primary topic of discussion was the difficulty of using certificates and PKI. A mailing list was created (https://www.machshav.com/mailman/listinfo.cgi/easycert) for discussion of this topic; the aim is to work towards an EASYCERT BoF in Washington. The goal of that BoF is to explore what the IETF can do to help with that problem. During the SAAG meeting, we heard of some success stories. The hard parts seemed to be at the political layer; success came when there was an already-existing authentication infrastructure that could be leveraged to issue certificates.