Fwd: TAM is a deal done? Was: TAM as a new WG item?
TAM = Trust Anchor Management Do we want to weigh in as a related standards organization (or an opinionated party)? Thanks, Alan Begin forwarded message:
From: Russ Housley
Date: December 19, 2007 4:03:09 PM CST To: "Denis Pinkas" Cc: ietf-pkix@imc.org Subject: Re: TAM is a deal done? Was: TAM as a new WG item? Yes, and the IESG approval process includes a community review similar to IETF Last Call as well as the proposed charter being sent to several other SDOs to detect potential overlap.
Russ
At 06:34 AM 12/10/2007, Denis Pinkas wrote:
Russ,
There was a lot of support for adding this work item to PKIX, but the proposed text for the rechartering of the WG has not been sent to the IESG for approval yet.
My understanding is the following:
If TAM is supposed to become a PKIX work item, then a text for that new work item would need to be submitted to the PKIX WG.
If TAM is supposed to become a WG, then a proposed text for the WG would need to be sent to the IESG for approval.
Is this understanding correct ?
Denis
Russ
At 01:57 AM 12/8/2007, Anders Rundgren wrote:
The following is dedicated to the folks who presumably will make TAM a PKIX WG item.
Today "remote control" of devices like laptop computers and mobile phones is already a fact. For the latter there is a scheme known as OMA-DM which is used not only for distributing cryptographic keys, but software updates and "registry" settings. I don't really see that trust anchors differ from any other piece of information that an organization wants to securely maintain in their fleet of client computers.
"Unmanaged" devices like consumer computers seems to be a white spot but IMO automatic software updates + various services that the browser vendors supply, essentially do what is technically feasible in assuring that the user is connecting to a credible site (the #1 problem on the Internet).
thanks Anders Rundgren
participants (1)
-
Alan Sill