[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
US Government Cryptographic Interfaces Meeting
I attach some (unofficial) notes on a recent meeting sponsored by
the US government. Comments welcome.
- pvm
Ps. As I am in San Jose this week, I will try to get to the
10DEC94 Bay Area CP meeting where I can briefly talk about it if
there is any interest.
-----
Report from 01DEC94 NIST Cryptographic API Meeting
On 01DEC94, NIST (a branch of the US Department of Commerce)
convened an "information sharing and discussion" meeting on
Cryptographic APIs (CAPI) at Gaithersburg.
Present were "leaders in the field of computer cyptography". Some
well known figures present were Steve Walker, Dorothy Denning,
Burt Kaliski, Warwick Ford, and Miles Smid. Government attendees
included 7 from the NSA, 4 from NIST, 5 from the UK MoD, 2 from
NASA, and 2 from ARPA. In addition to RSA Labs, BNR, and TIS -
other vendors present included Spyrus, IBM, HP, Novell, Microsoft,
Datakey, Racal-Guardata, Uptronics, Bankers Trust, National
Semiconductor, and myself representing the X/Open (vendor
consortium) Security Working Group.
The meeting heard presentations on initiatives relating to
cryptographic APIs. These comprised:
- International Cryptographic Experiment (ICE)
- MoD Security in Open Systems Technical Demonstrator Programme
- X/Open Cryptographic Service Model
- ANS1 X9F1 Layered Cryptographic Service Model
- POSIX Cryptographic Study Group
- GSS-API
- NIST Cryptographic Service Calls draft FIPS
- NSA CAPI Goals, Architecture, and Requirements
- Royal Holloway University of London CAPI Study
- RSA Labs PKCS11
- IBM Generic Cryptographic Interface
- BNR/NT Entrust Interface
- Spyrus
Copies of the slides, and the X/Open draft preliminary
specification were distributed to the attendees.
I received some unsolicited positive feedback on the X/Open
Security Working Group's output from a number of the attendees,
and also three requests to join the group. It was a useful
validation that X/Open are proceeding down the right track.
There was discussion during the meeting on the correct scope for
CAPIs, and a debate on the market pressures towards convergence.
Two specific threads of activity were identified:
1)standards coordination looks containable given the cooperative
and positive attitude among representatives of ANSI, POSIX,
NIST, and X/Open. I believe that NIST and the vendor community
through X/Open can work together to get agreement on an
interface which meets the requirements, is grounded in
implementation experience;
2)implementation experience with CAPIs, and associated effort to
shift export control policy will be enabled as part of the
International Cryptographic Experiment.
Timely completion of a cross-industry cryptographic interface, and
in parallel its validation in real systems, will then lead to a
firm basis for international agreement.
-------------------------------------------------------
P V McMahon 06DEC94
ICL Enterprises
post: Kings House, 33 Kings Road, Reading, RG1 3PX, UK
email: [email protected]
OR [email protected]
phone: +44 734 634882
fax: +44 734 855106
-------------------------------------------------------