[caops-wg] Fwd: TAM is a deal done? Was: TAM as a new WG item?
Alan Sill
Alan.Sill at ttu.edu
Tue Jan 15 10:23:20 CST 2008
TAM = Trust Anchor Management
Do we want to weigh in as a related standards organization (or an
opinionated party)?
Thanks,
Alan
Begin forwarded message:
> From: Russ Housley <housley at vigilsec.com>
> Date: December 19, 2007 4:03:09 PM CST
> To: "Denis Pinkas" <denis.pinkas at bull.net>
> Cc: ietf-pkix at imc.org
> Subject: Re: TAM is a deal done? Was: TAM as a new WG item?
>
>
> Yes, and the IESG approval process includes a community review
> similar to IETF Last Call as well as the proposed charter being
> sent to several other SDOs to detect potential overlap.
>
> Russ
>
> At 06:34 AM 12/10/2007, Denis Pinkas wrote:
>
>> Russ,
>>
>> >There was a lot of support for adding this work item to PKIX, but
>> the
>> >proposed text for the rechartering of the WG has not been sent to
>> the
>> >IESG for approval yet.
>>
>> My understanding is the following:
>>
>> If TAM is supposed to become a PKIX work item,
>> then a text for that new work item would need to be submitted to
>> the PKIX WG.
>>
>> If TAM is supposed to become a WG, then a proposed text for the WG
>> would need to be sent to the IESG for approval.
>>
>> Is this understanding correct ?
>>
>> Denis
>>
>> >Russ
>> >
>> >
>> >At 01:57 AM 12/8/2007, Anders Rundgren wrote:
>> >
>> >>The following is dedicated to the folks who presumably will make
>> TAM
>> >>a PKIX WG item.
>> >>
>> >>Today "remote control" of devices like laptop computers and
>> mobile phones
>> >>is already a fact. For the latter there is a scheme known as
>> OMA-DM which
>> >>is used not only for distributing cryptographic keys, but
>> software updates and
>> >>"registry" settings. I don't really see that trust anchors differ
>> >>from any other
>> >>piece of information that an organization wants to securely
>> maintain
>> >>in their fleet
>> >>of client computers.
>> >>
>> >>"Unmanaged" devices like consumer computers seems to be a white
>> spot but
>> >>IMO automatic software updates + various services that the
>> browser vendors
>> >>supply, essentially do what is technically feasible in assuring
>> that
>> >>the user is
>> >>connecting to a credible site (the #1 problem on the Internet).
>> >>
>> >>thanks
>> >>Anders Rundgren
>> >
>
More information about the caops-wg
mailing list