[caops-wg] Fwd: TAM is a deal done? Was: TAM as a new WG item?

Alan Sill Alan.Sill at ttu.edu
Tue Jan 15 10:23:20 CST 2008 

TAM = Trust Anchor Management

Do we want to weigh in as a related standards organization (or an  
opinionated party)?

Thanks,
Alan

Begin forwarded message:

> From: Russ Housley <housley at vigilsec.com>
> Date: December 19, 2007 4:03:09 PM CST
> To: "Denis Pinkas" <denis.pinkas at bull.net>
> Cc: ietf-pkix at imc.org
> Subject: Re: TAM is a deal done? Was: TAM as a new WG item?
>
>
> Yes, and the IESG approval process includes a community review  
> similar to IETF Last Call as well as the proposed charter being  
> sent to several other SDOs to detect potential overlap.
>
> Russ
>
> At 06:34 AM 12/10/2007, Denis Pinkas wrote:
>
>> Russ,
>>
>> >There was a lot of support for adding this work item to PKIX, but  
>> the
>> >proposed text for the rechartering of the WG has not been sent to  
>> the
>> >IESG for approval yet.
>>
>> My understanding is the following:
>>
>> If TAM is supposed to become a PKIX work item,
>> then a text for that new work item would need to be submitted to  
>> the PKIX WG.
>>
>> If TAM is supposed to become a WG, then a proposed text for the WG
>> would need to be sent to the IESG for approval.
>>
>> Is this understanding correct ?
>>
>> Denis
>>
>> >Russ
>> >
>> >
>> >At 01:57 AM 12/8/2007, Anders Rundgren wrote:
>> >
>> >>The following is dedicated to the folks who presumably will make  
>> TAM
>> >>a PKIX WG item.
>> >>
>> >>Today "remote control" of devices like laptop computers and  
>> mobile phones
>> >>is already a fact.  For the latter there is a scheme known as  
>> OMA-DM which
>> >>is used not only for distributing cryptographic keys, but  
>> software updates and
>> >>"registry" settings.   I don't really see that trust anchors differ
>> >>from any other
>> >>piece of information that an organization wants to securely  
>> maintain
>> >>in their fleet
>> >>of client computers.
>> >>
>> >>"Unmanaged" devices like consumer computers seems to be a white  
>> spot but
>> >>IMO automatic software updates + various services that the  
>> browser vendors
>> >>supply, essentially do what is technically feasible in assuring  
>> that
>> >>the user is
>> >>connecting to a credible site (the #1 problem on the Internet).
>> >>
>> >>thanks
>> >>Anders Rundgren
>> >
>

More information about the caops-wg mailing list