Todd – thanks for sending around this pointer. The issues raised in the paper are definitely relevant to this afternoon’s discussion.
Regards,
Bob
From: Todd Arnold [mailto:arnoldt@US.IBM.COM]
Sent: Wednesday, June 06, 2007 8:28 AM
To: STDS-P1619@listserv.ieee.org
Subject: Re: [IEEE_P1619] slide deck for PKCS discussion at [IEEE_P1619] [P1619.3] June 6th, 2007
Before settling on PKCS#11 as an interface, I recommend everyone read Jolyon Clulow's paper "On the security of PKCS#11", which you can find at
http://citeseer.ist.psu.edu/rd/22706997%2C702626%2C1%2C0.25%2CDownload/http://citeseer.ist.psu.edu/cache/papers/cs/33491/http:zSzzSzwww.cl.cam.ac.ukzSz%7Ejc407zSzSecurityOfPKCS11.pdf/on-the-security-of.pdf
(or link to it from http://citeseer.ist.psu.edu/702626.html).
There are a lot of security "gotchas" in PKCS#11 which are not obvious from the level of information in the presentation Robert sent. You need to be sure that you block use of any of the PKCS#11 features that can allow security weaknesses in your system.
-------------------------------------------------------------------
Todd W. Arnold, STSM
IBM Cryptographic Technology Development
(704) 594-8253 FAX 594-8336
-------------------------------------------------------------------
email: arnoldt@us.ibm.com
From: "Griffin, Robert" <rgriffin@RSASECURITY.COM>
Date: 06/05/2007 05:32 PM
Please respond to: "Griffin, Robert" <rgriffin@RSASECURITY.COM>
To: STDS-P1619@listserv.ieee.org
cc:
Subject: [IEEE_P1619] slide deck for PKCS discussion at [IEEE_P1619] [P1619.3] June 6th, 2007
Hi –
Here’s some PKCS slides I’d like to use for my slot on the agenda tomorrow.
Regards,
Bob
From: Matt Ball [mailto:matt.ball@ieee.org]
Sent: Tuesday, May 29, 2007 11:40 PM
To: STDS-P1619@listserv.ieee.org
Subject: [IEEE_P1619] [P1619.3] Draft Agenda for June 6th, 2007
The next P1619.3 meeting will be on June 6th from 10:00 am to noon, Pacific Time, via teleconference. For those attending T11, this should fit in between FC-IFR, and T11.5Mgmt-API. If there is any company interested in sponsoring a room and phone line, I can provide the 'Jim Hughes Conference Phone' (assuming you're in the Denver-Boulder area).
Please let me know if you have any additional agenda items. I'm hoping that we can start to solidify the plan at this point and start the real work. If possible, we need to find answers to questions like whether we want to use XML SOAP for the command architecture, or whether there are better alternatives (PKCS#11-based?). How do we convert this to a binary format (automatic conversion, manual)? What is the format for the universal key identifier?
Draft Agenda:
1. Introductions (~15 minutes for all front matter)
2. Approval of the agenda
3. IEEE patent slideset
4. Approval of previous minutes
5. Review of past action items
6. Technical discussions
   1. PKCS#11 (Bob Griffin, RSA Security; 60 minutes)
   2. Key ID (Matt Ball, Quantum; 15 minutes)
   3. Use Cases (General, remainder)
7. Review of new action items
8. Schedule next meeting
Currently, we have a MeetingPlace meeting set up through Cisco. However, I've heard complaints that MeetingPlace is not very good. If you have a WebEx system and would be able to provide hosting, please let me know and we can switch over to that system instead!
Date/Time: JUN 6, 2007 from 10:00 am to 12:00 pm Pacific Daylight Time - Face to Face Meeting (see below)
Meeting ID: 130748596 [NOTE CHANGED MEETING ID]
US/Canada: +1.866.432.9903   United Kingdom: +44.20.8824.0117
India: +91.80.4103.3979      Germany: +49.619.6773.9002
Japan: +81.3.5763.9394       China: +86.10.8515.5666
Go to <http://meetingplace.cisco.com/join.asp?130748596>
Thanks!
Matt Ball
SISWG P1619.3 Chair
Quantum Corporation
4001 Discovery Drive, Suite 1100
Boulder, CO 80303
Work: 720-406-5766
Cell: 303-717-2717
[attachment "pkcs_11_pres_4jun07.ppt" deleted by Todd Arnold/Charlotte/IBM]