Re: [Ghost] Proposed Structure for Organizing Standards Information

"Boyle, Vincent M" <> Tue, 15 September 2015 20:03 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id F2E5F1ACE20 for <>; Tue, 15 Sep 2015 13:03:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wLLjF1J5GG1c for <>; Tue, 15 Sep 2015 13:03:43 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C1E931ACE1F for <>; Tue, 15 Sep 2015 13:03:42 -0700 (PDT)
X-TM-IMSS-Message-ID: <>
Received: from ( []) by ([]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 33829e9d00060f2e ; Tue, 15 Sep 2015 16:03:43 -0400
Received: from ( by ( with Microsoft SMTP Server (TLS) id 14.2.347.0; Tue, 15 Sep 2015 16:03:39 -0400
Received: from ([]) by ([]) with mapi id 14.02.0347.000; Tue, 15 Sep 2015 16:03:39 -0400
From: "Boyle, Vincent M" <>
To: 'Kathleen Moriarty' <>
Thread-Topic: [Ghost] Proposed Structure for Organizing Standards Information
Thread-Index: AdDUXcxXhzNIWmXZT0+Nzz8oLTVF3gWCYH2AAWJeXZA=
Date: Tue, 15 Sep 2015 20:03:38 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-TM-AS-MML: disable
Archived-At: <>
Cc: "" <>
Subject: Re: [Ghost] Proposed Structure for Organizing Standards Information
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Mailing list for GatHering and reOrganizing STandards information \(GHOST\) team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 15 Sep 2015 20:03:45 -0000

Hi Kathleen,
	I think use cases and device types would be a great starting point. Finding out what the state of the art (or state of practice) for authentication in different types of devices would be really useful. I guess this is just a use case, but I would be interested in what is currently being used for device ID (vs. user authentication) for various types of devices as well.

	Do you still have the services of that intern, or did they leave along with the summer?


-----Original Message-----
From: Kathleen Moriarty [] 
Sent: Tuesday, September 08, 2015 10:51 AM
To: Boyle, Vincent M
Subject: Re: [Ghost] Proposed Structure for Organizing Standards Information

Hi Mike and others,

Thanks for your interest in this project.

I do think it would be helpful to run through an example using authentication as our first target.  I had an intern trying to pull links and organize them in this space over the summer, but what I have back so far isn't enough of a starting point.

Would the reverse direction be more helpful in that this group designs a starting page?  For those that have not looked at the google doc, this would be the use cases and device types for authentication, allowing you to drill down to other links (existing where possible) to learn more about the options.  We will likely need 2 levels before a branch out or to specify what is needed in the landing pages for options available.

Thank you,

On Tue, Aug 11, 2015 at 2:05 PM, Boyle, Vincent M <> wrote:
> I read the Google doc again this morning. I like the idea of a short introduction to each topic and then moving on to specific situations (use cases and device types; maybe deployment scenarios as well, such as how big is the set of things that have to authenticate to each other, or how will keys be provisioned). In general, I like the idea of quickly getting to specifics and providing pointers to appropriate standards.
> I'm wondering if we need to work through the Authentication example a bit. Maybe create a part of the matrix (no attempt to be complete) and then see how we would handle things from there. I think even concentrating on a specific scenario (signed email) could be enlightening, considering the differences when you're all part of an enterprise vs. a community with no central authority.
>  If it would help, I'd be happy to join a phone call to discuss. Otherwise, maybe somebody more adept than me could create a small example to foster discussion.
> Mike Boyle
> _______________________________________________
> GHOST mailing list


Best regards,