Object/Document Security (ios)
------------------------------

Charter
Last Modified: 02/09/1995

Current Status: Concluded

Working Group Chair(s):
    John Lowry

Security Area Director(s):
    Jeffrey Schiller
    Steve Bellovin

Security Area Advisor:
    Jeffrey Schiller

Mailing Lists:
    General Discussion:
    To Subscribe:
    Archive:

Description of Working Group:

Temporary Description 11/17/94 mw

The purpose of this BOF is to present information and to discuss ideas associated with document/object security, store and forward security, and third-party security services.

The general idea of creating protected objects (e.g., signed documents, encrypted files) which can be accessed and transferred by a variety of applications is being discussed in several contexts - store and forward extensions to GSSAPI, PEM-MIME work, www security, etc. We would like to discuss requirements and constraints for a general capability for protected objects and explore the need for a common approach to providing these types of services.

We are planning to present some of our ideas on the requirements and goals for general protected objects as well as details on an Information Object Security project BBN is currently working on for ARPA (short summary below). This project has developed security tools for protection of documents and objects as well as for invoking and performing trusted third party services.

We're looking for anyone else who would like agenda time to either present specific work/ideas or to discuss requirements and other contexts for protected objects. If you'd like to volunteer either send a message to jlowry@bbn.com or just show up and we can sort out the agenda there.

Finally there will be a discussion to determine whether there is interest in continuing. Should a mailing list be formed? Is there enough interest and focus to attempt creation of a working group charter?

After the BOF, we're prepared to demonstrate prototype IOS tools for any interested parties.

******** IOS Project

These tools allow the users to apply multiple parallel and sequential signatures and annotations to objects/documents, and to provide access control and confidentiality protections to these objects/documents. There are a number of utilities available to perform certificate validation and maintain a cache of certificates. Included in the tool set is an ASN.1 to C++ compiler. Third-party services are also under investigation and the issues of a trusted time-stamp server, third-party involvement in non-repudiation, and proof of delivery, submission, and receipt are addressed.

Documents describing the IOS project tools and architecture are available for anonymous ftp from the server ftp.bbn.com in the directory /pub/outgoing/ios_docs.

Goals and Milestones:

Internet-Drafts:

    No Current Internet-Drafts.

Request For Comments:

    None to date.