OASIS IDtrust Steering Committee

 View Only
  • 1.  2009 Budgets and EKMI TC

    Posted 01-13-2009 20:16
    Hi everybody,
    
    Happy new year!  (OK, now that the pleasantries are over.... :-))
    
    I'm trying to get a sense for how to plan 2009 activities for the
    EKMI TC.  It would help me to understand IDtrust SC's goals and
    budgets for this year, so we can align ourselves.
    
    We're on the verge of voting to create the SKSML Committee
    Specification (as soon as Mary McRae sends out the ballot) and
    will be starting new work in the TC.  Some of the things we have
    on our plate:
    
    1) Creating a mobile-SKSML profile.  PayPal is specially interested
        in this and Upendra Mardikar has written up a proposal to create
        a sub-committee.  As soon as he sends it out, we will vote on it.
        Goal is to put out the profile in 2009.
    
    2) Pick up work (that we shelved in 2006) on the EKMI Implementation,
        Operations and Audit Guidelines.
    
    3) Start discussions with IETF KEYPROV to see if there are ways to
        work together.  They want to talk about using a common symmetric
        key-container in both protocols.  Remains to be seen if this is
        feasible, given our different goals for what the keys will be
        used for.
    
    4) Start working on the corporate members of EKMI to provide support
        letters/emails for SKSML so that it can get to a standards vote.
    
        (We currently have many "sponsor" members on the TC - but only 3
        are "visible": CA, Red Hat and US DOD.  The others (Microsoft,
        Oracle, Wells Fargo, Symantec, RSA, BoozAllen, Mitre, etc.) are
        all Observers.
    
        I don't know enough about OASIS to know if Observers can provide
        support-emails, but without 3 of these e-mails, we can't get to
        a standards vote.  Any help that the SC can provide in getting
        these three letters would help get SKSML to a standards vote.)
    
    5) We've contracted with a developer to create the EKMI Flash-demo;
        this will use $3.5K of the $5.0K we had in 2008.  About half-dozen
        TC members plan to be at RSA in SFO in spring.  I would like to
        rent a room for 1/2 day and provide lunch for the attending TC
        members from the remainder of the budget.  Assuming the room (in
        some hotel) is about $300 and lunch for 6 people is about $200,
        I estimate about $500 for this.
    
    6) We would like to build on the introductory Flash-demo that we
        should have before RSA, and add a segment on SKSML for software
        developers.  This might come to an another $3-4K.
    
    7) The IEEE has taken the lead in creating a Key Management Symposium
        in 2008.  It was only logical that they could pull it off - about
        75% of the attendees were IEEE members.  However, OASIS got a lot
        of visibility there because of two presentations I gave.  There
        were about 3-4 OASIS attendees to the conference.
    
        There will be another KMS in summer 2009; EKMI TC might want to
        consider sponsoring part of it: potential cost: $1-2K (last year
        was $1K for logo on web-site and mention in the opening remarks).
    
    I would appreciate knowing how IDtrust sees 2009 shaping up and its
    goals/budgets, so we can scope the work of the EKMI TC.  While we
    have lost 2-3 individual members, I am anticipating new ones to join
    in 2009.  Let me know if you need any more information.
    
    Thanks.
    
    Arshad
    
    
    
    
    
    


  • 2.  Re: 2009 Budgets and EKMI TC

    Posted 01-13-2009 20:28
    In the event we do get to have that lunch and EKMI TC meeting,
    we could extend this to make it into a "mini-IDtrust meeting"
    event.  Get a larger room, put 4-5 round-tables in the room
    for individual TC meetings, and then everybody have lunch
    together.  We could even let each TC speak for 5-minutes to all
    attendees on what they're upto, what they've accomplished so
    far and what they're working on for 2009 and beyond.
    
    This would be a good work-session, networking and education
    event for IDtrust members.  If we had it in the afternoon
    (began with a lunch, had a meeting session and break for coffee),
    we could even invite non-OASIS/non-IDtrust RSA attendees to come
    over for coffee and learn about OASIS/IDtrust and get excited
    about doing some interesting work on security standards.
    
    Of course, the assumption is that IDtrust would pick up the
    cost for this mini-IDtrust 1/2-day event.  Let me know if this
    makes sense.
    
    Thanks.
    
    Arshad
    
    Arshad Noor wrote:
    > 
    > 5) We've contracted with a developer to create the EKMI Flash-demo;
    >    this will use $3.5K of the $5.0K we had in 2008.  About half-dozen
    >    TC members plan to be at RSA in SFO in spring.  I would like to
    >    rent a room for 1/2 day and provide lunch for the attending TC
    >    members from the remainder of the budget.  Assuming the room (in
    >    some hotel) is about $300 and lunch for 6 people is about $200,
    >    I estimate about $500 for this.
    >