[saag] wpkops BOF report

Stephen Hanna <shanna@juniper.net> Thu, 08 November 2012 21:10 UTC

Return-Path: <shanna@juniper.net>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 22E3921F8AED for <saag@ietfa.amsl.com>; Thu, 8 Nov 2012 13:10:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.451
X-Spam-Status: No, score=-103.451 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNRESOLVED_TEMPLATE=3.132, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id JqfdQPpVUXN8 for <saag@ietfa.amsl.com>; Thu, 8 Nov 2012 13:10:12 -0800 (PST)
Received: from exprod7og105.obsmtp.com (exprod7og105.obsmtp.com []) by ietfa.amsl.com (Postfix) with ESMTP id B8C6521F894D for <saag@ietf.org>; Thu, 8 Nov 2012 13:10:06 -0800 (PST)
Received: from P-EMHUB01-HQ.jnpr.net ([]) (using TLSv1) by exprod7ob105.postini.com ([]) with SMTP ID DSNKUJwfrJaYAnNO3ODAdcCyHXb5VGWBHBYp@postini.com; Thu, 08 Nov 2012 13:10:08 PST
Received: from P-CLDFE02-HQ.jnpr.net ( by P-EMHUB01-HQ.jnpr.net ( with Microsoft SMTP Server (TLS) id; Thu, 8 Nov 2012 13:06:47 -0800
Received: from o365mail.juniper.net ( by o365mail.juniper.net ( with Microsoft SMTP Server id 14.1.355.2; Thu, 8 Nov 2012 13:06:47 -0800
Received: from CO9EHSOBE034.bigfish.com ( by o365mail.juniper.net ( with Microsoft SMTP Server (TLS) id 14.1.355.2; Thu, 8 Nov 2012 13:13:48 -0800
Received: from mail25-co9-R.bigfish.com ( by CO9EHSOBE034.bigfish.com ( with Microsoft SMTP Server id; Thu, 8 Nov 2012 21:06:46 +0000
Received: from mail25-co9 (localhost []) by mail25-co9-R.bigfish.com (Postfix) with ESMTP id 5D56EB8076C for <saag@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Thu, 8 Nov 2012 21:06:46 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:; KIP:(null); UIP:(null); (null); H:SN2PRD0510HT002.namprd05.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: 4
X-BigFish: PS4(zzzz1de0h1202h1d1ah1d2ahzzz2dh2a8h668h839h944hd25hf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0l1155h)
Received: from mail25-co9 (localhost.localdomain []) by mail25-co9 (MessageSwitch) id 1352408804720461_2746; Thu, 8 Nov 2012 21:06:44 +0000 (UTC)
Received: from CO9EHSMHS012.bigfish.com (unknown []) by mail25-co9.bigfish.com (Postfix) with ESMTP id AB88C5C0051 for <saag@ietf.org>; Thu, 8 Nov 2012 21:06:44 +0000 (UTC)
Received: from SN2PRD0510HT002.namprd05.prod.outlook.com ( by CO9EHSMHS012.bigfish.com ( with Microsoft SMTP Server (TLS) id; Thu, 8 Nov 2012 21:06:44 +0000
Received: from SN2PRD0510MB372.namprd05.prod.outlook.com ([]) by SN2PRD0510HT002.namprd05.prod.outlook.com ([]) with mapi id 14.16.0233.002; Thu, 8 Nov 2012 20:27:35 +0000
From: Stephen Hanna <shanna@juniper.net>
To: "saag@ietf.org" <saag@ietf.org>
Thread-Topic: wpkops BOF report
Thread-Index: Ac296N4rjhn99D7aTWWWhsplwz7pxAABbFxA
Date: Thu, 8 Nov 2012 20:23:20 +0000
Message-ID: <F1DFC16DCAA7D3468651A5A776D5796E033C9977@SN2PRD0510MB372.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-FOPE-CONNECTOR: Id%12219$Dn%IETF.ORG$RO%2$TLS%5$FQDN%onpremiseedge-1018244.customer.frontbridge.com$TlsDn%o365mail.juniper.net
Subject: [saag] wpkops BOF report
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2012 21:10:13 -0000

The Web PKI Operations BOF (wpkops) met on Monday afternoon.
Although this BOF was technically in the OPS area, it is
probably of interest to many people in the SEC area.

Several presenters explained the mess that is the current
web PKI. A draft WG charter was presented, proposing to
document the widely-used parts of this mess so that the
participants can know what to expect. Perhaps someone can
even help make it a little better! But improvements to
the web PKI are explicitly out of scope for this effort:
only documentation of the status quo.

The main topic discussed was whether user interface
should be in scope. The consensus was that we should
include functional documentation of the information
provided to users about the web PKI and the actions
they can take.

With this agreement, there was strong consensus in the
room that the problem statement is clear, well-scoped,
solvable, and urgent. Plenty of editors are on board
and about 20 people indicated that they would read the
drafts and comment. So there was rough consensus that
we should charter a working group in this area.