I attach some (unofficial) notes on a recent meeting sponsored by the US government. Comments welcome. - pvm Ps. As I am in San Jose this week, I will try to get to the 10DEC94 Bay Area CP meeting where I can briefly talk about it if there is any interest. ----- Report from 01DEC94 NIST Cryptographic API Meeting On 01DEC94, NIST (a branch of the US Department of Commerce) convened an "information sharing and discussion" meeting on Cryptographic APIs (CAPI) at Gaithersburg. Present were "leaders in the field of computer cyptography". Some well known figures present were Steve Walker, Dorothy Denning, Burt Kaliski, Warwick Ford, and Miles Smid. Government attendees included 7 from the NSA, 4 from NIST, 5 from the UK MoD, 2 from NASA, and 2 from ARPA. In addition to RSA Labs, BNR, and TIS - other vendors present included Spyrus, IBM, HP, Novell, Microsoft, Datakey, Racal-Guardata, Uptronics, Bankers Trust, National Semiconductor, and myself representing the X/Open (vendor consortium) Security Working Group. The meeting heard presentations on initiatives relating to cryptographic APIs. These comprised: - International Cryptographic Experiment (ICE) - MoD Security in Open Systems Technical Demonstrator Programme - X/Open Cryptographic Service Model - ANS1 X9F1 Layered Cryptographic Service Model - POSIX Cryptographic Study Group - GSS-API - NIST Cryptographic Service Calls draft FIPS - NSA CAPI Goals, Architecture, and Requirements - Royal Holloway University of London CAPI Study - RSA Labs PKCS11 - IBM Generic Cryptographic Interface - BNR/NT Entrust Interface - Spyrus Copies of the slides, and the X/Open draft preliminary specification were distributed to the attendees. I received some unsolicited positive feedback on the X/Open Security Working Group's output from a number of the attendees, and also three requests to join the group. It was a useful validation that X/Open are proceeding down the right track. There was discussion during the meeting on the correct scope for CAPIs, and a debate on the market pressures towards convergence. Two specific threads of activity were identified: 1)standards coordination looks containable given the cooperative and positive attitude among representatives of ANSI, POSIX, NIST, and X/Open. I believe that NIST and the vendor community through X/Open can work together to get agreement on an interface which meets the requirements, is grounded in implementation experience; 2)implementation experience with CAPIs, and associated effort to shift export control policy will be enabled as part of the International Cryptographic Experiment. Timely completion of a cross-industry cryptographic interface, and in parallel its validation in real systems, will then lead to a firm basis for international agreement. ------------------------------------------------------- P V McMahon 06DEC94 ICL Enterprises post: Kings House, 33 Kings Road, Reading, RG1 3PX, UK email: p.v.mcmahon@rea0803.wins.icl.co.uk OR p.mcmahon@xopen.co.uk phone: +44 734 634882 fax: +44 734 855106 -------------------------------------------------------