[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

US Government Cryptographic Interfaces Meeting









         I attach some (unofficial) notes on a recent meeting sponsored by 
         the US government. Comments welcome.
         
         - pvm
         
         Ps. As I am in San Jose this week, I will try to get to the 
         10DEC94 Bay Area CP meeting where I can briefly talk about it if 
         there is any interest.
         
         
         -----
         
         
         Report from 01DEC94 NIST Cryptographic API Meeting
         
         
         On 01DEC94, NIST (a branch of the US Department of Commerce) 
         convened an "information sharing and discussion" meeting on 
         Cryptographic APIs (CAPI) at Gaithersburg.
         
         Present were "leaders in the field of computer cyptography". Some 
         well known figures present were Steve Walker, Dorothy Denning, 
         Burt Kaliski, Warwick Ford, and Miles Smid. Government attendees 
         included 7 from the NSA, 4 from NIST, 5 from the UK MoD, 2 from 
         NASA, and 2 from ARPA. In addition to RSA Labs, BNR, and TIS - 
         other vendors present included Spyrus, IBM, HP, Novell, Microsoft, 
         Datakey, Racal-Guardata, Uptronics, Bankers Trust, National 
         Semiconductor, and myself representing the X/Open (vendor 
         consortium) Security Working Group.
         
         The meeting heard presentations on initiatives relating to 
         cryptographic APIs. These comprised:
         - International Cryptographic Experiment (ICE)
         - MoD Security in Open Systems Technical Demonstrator Programme
         - X/Open Cryptographic Service Model
         - ANS1 X9F1 Layered Cryptographic Service Model
         - POSIX Cryptographic Study Group
         - GSS-API
         - NIST Cryptographic Service Calls  draft FIPS
         - NSA CAPI Goals, Architecture, and Requirements
         - Royal Holloway University of London CAPI Study
         - RSA Labs PKCS11 
         - IBM Generic Cryptographic Interface
         - BNR/NT Entrust Interface
         - Spyrus
         
         Copies of the slides, and the X/Open draft preliminary 
         specification were distributed to the attendees.
         
         I received some unsolicited positive feedback on the X/Open 
         Security Working Group's output from a number of the attendees, 
         and also three requests to join the group. It was a useful 
         validation that X/Open are proceeding down the right track.
         
         There was discussion during the meeting on the correct scope for 
         CAPIs, and a debate on the market pressures towards convergence.
         
         Two specific threads of activity were identified:
         1)standards coordination looks containable given the cooperative
           and positive attitude among representatives of ANSI, POSIX,
           NIST, and X/Open. I believe that NIST and the vendor community
           through X/Open can work together to get agreement on an 
           interface which meets the requirements, is grounded in
           implementation experience;
         2)implementation experience with CAPIs, and associated effort to
           shift export control policy will be enabled as part of the
           International Cryptographic Experiment.
         
         Timely completion of a cross-industry cryptographic interface, and 
         in parallel its validation in real systems, will then lead to a 
         firm basis for international agreement.
         
         
         -------------------------------------------------------
         P V McMahon                                     06DEC94
         ICL Enterprises
         post:  Kings House, 33 Kings Road, Reading, RG1 3PX, UK
         email: [email protected]
           OR   [email protected]
         phone: +44 734 634882
         fax:   +44 734 855106
         -------------------------------------------------------