Securely Available Credentials BOF (sacred) Tuesday, August 1 at 1700-1800 ============================== CHAIRS: Stephen Farrell Magnus Nystrom DESCRIPTION: A nice feature of smart-card based PKIs, in addition to the security offered by the cards themselves, is the "free-seating solution," or the portability of user's credentials. In order to provide a similar solution or service to environments where security is based on pure software implementations or so-called "soft tokens" (a.k.a. "virtual smart cards, "software files containing information normally stored on smart cards) some kind of credential store from which users can download their soft-tokens, using some specified protocol is required. This protocol will provide mobility for credentials. Such a protocol and specified data format might also allow an individual user to have the same set of credentials on, e.g., her mobile phone as in her desktop. Adding an upload protocol to the solution means that it in principle would be possible to always have the credential store up-to-date. Even in some cases where real smart cards are used, there may be some benefit to using such a protocol - e.g. when a new card is received, but "old" credentials should be used. If the cards offered the appropriate install and delete interfaces, then the credentials could be (securely) moved between cards. Many desktop applications also require mobility of credentials, for example to support some "kiosk" style operation, when a user upgrades a PC, or when "hot-desking". It is sometimes required to integrate such credential mobility with single-sign-on solutions. A protocol that could be used in the smart card case, can also be used to solve this case. Finally, some applications may benefit from the ability to migrate credentials from a device to a smart card, in particular where the smart card using device has limited user interface capabililies, e.g. a mobile phone. Security is at a premium for this working group; only authorized entities should be allowed to download credentials, credentials must be protected against eavesdropping and cut & paste attacks; attackers must not be able to succesfully replace an entities credentials at a credential serer; etc. Availability is also at a premium, a credential server must be reachable from many different types of client with different characteristics in terms of processing power, storage and network connectivity. The purpose of this working group is therefore to gather requirements for a solution beneficial to the Internet community, establish a framework for such a solution, and to develop or adopt the required protocols and credential formats. AGENDA: - agenda bashing - scene setting (some problems that might be solved) - HTTP/SASL strawman - - WG charter discussion