[secdir] wpkops BOF report

Stephen Hanna <shanna@juniper.net> Thu, 08 November 2012 20:32 UTC

Return-Path: <shanna@juniper.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 6BDDB21F88EA for <secdir@ietfa.amsl.com>; Thu, 8 Nov 2012 12:32:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.447
X-Spam-Status: No, score=-103.447 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNRESOLVED_TEMPLATE=3.132, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id tnY0Bdw-zpki for <secdir@ietfa.amsl.com>; Thu, 8 Nov 2012 12:32:26 -0800 (PST)
Received: from exprod7og111.obsmtp.com (exprod7og111.obsmtp.com []) by ietfa.amsl.com (Postfix) with ESMTP id 659A521F88DE for <secdir@ietf.org>; Thu, 8 Nov 2012 12:32:26 -0800 (PST)
Received: from P-EMHUB02-HQ.jnpr.net ([]) (using TLSv1) by exprod7ob111.postini.com ([]) with SMTP ID DSNKUJwW2ikly9lEw/oeCAbUD3sCnUuw/ege@postini.com; Thu, 08 Nov 2012 12:32:26 PST
Received: from P-CLDFE02-HQ.jnpr.net ( by P-EMHUB02-HQ.jnpr.net ( with Microsoft SMTP Server (TLS) id; Thu, 8 Nov 2012 12:30:46 -0800
Received: from o365mail.juniper.net ( by o365mail.juniper.net ( with Microsoft SMTP Server id 14.1.355.2; Thu, 8 Nov 2012 12:30:45 -0800
Received: from co1outboundpool.messaging.microsoft.com ( by o365mail.juniper.net ( with Microsoft SMTP Server (TLS) id 14.1.355.2; Thu, 8 Nov 2012 12:37:47 -0800
Received: from mail136-co1-R.bigfish.com ( by CO1EHSOBE010.bigfish.com ( with Microsoft SMTP Server id; Thu, 8 Nov 2012 20:30:45 +0000
Received: from mail136-co1 (localhost []) by mail136-co1-R.bigfish.com (Postfix) with ESMTP id ADC60C80A05 for <secdir@ietf.org.FOPE.CONNECTOR.OVERRIDE>; Thu, 8 Nov 2012 20:30:44 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:; KIP:(null); UIP:(null); (null); H:SN2PRD0510HT001.namprd05.prod.outlook.com; R:internal; EFV:INT
X-SpamScore: 4
X-BigFish: PS4(zzzz1de0h1202h1d1ah1d2ahzzz2dh2a8h668h839h944hd25hf0ah1220h1288h12a5h12a9h12bdh137ah13b6h1441h1504h1537h153bh15d0l1155h)
Received: from mail136-co1 (localhost.localdomain []) by mail136-co1 (MessageSwitch) id 1352406636329734_1871; Thu, 8 Nov 2012 20:30:36 +0000 (UTC)
Received: from CO1EHSMHS029.bigfish.com (unknown []) by mail136-co1.bigfish.com (Postfix) with ESMTP id 4E513A80046 for <secdir@ietf.org>; Thu, 8 Nov 2012 20:30:36 +0000 (UTC)
Received: from SN2PRD0510HT001.namprd05.prod.outlook.com ( by CO1EHSMHS029.bigfish.com ( with Microsoft SMTP Server (TLS) id; Thu, 8 Nov 2012 20:30:33 +0000
Received: from SN2PRD0510MB372.namprd05.prod.outlook.com ([]) by SN2PRD0510HT001.namprd05.prod.outlook.com ([]) with mapi id 14.16.0233.002; Thu, 8 Nov 2012 20:01:43 +0000
From: Stephen Hanna <shanna@juniper.net>
To: "secdir@ietf.org" <secdir@ietf.org>
Thread-Topic: wpkops BOF report
Thread-Index: Ac296N4rjhn99D7aTWWWhsplwz7pxA==
Date: Thu, 8 Nov 2012 19:40:20 +0000
Message-ID: <F1DFC16DCAA7D3468651A5A776D5796E033C68D4@SN2PRD0510MB372.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-FOPE-CONNECTOR: Id%12219$Dn%IETF.ORG$RO%2$TLS%5$FQDN%onpremiseedge-1018244.customer.frontbridge.com$TlsDn%o365mail.juniper.net
Subject: [secdir] wpkops BOF report
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2012 20:32:27 -0000

The Web PKI Operations BOF (wpkops) met on Monday afternoon.
Although this BOF was technically in the OPS area, it is
probably of interest to many people in the SEC area.

Several presenters explained the mess that is the current
web PKI. A draft WG charter was presented, proposing to
document the widely-used parts of this mess so that the
participants can know what to expect. Perhaps someone can
even help make it a little better! But improvements to
the web PKI are explicitly out of scope for this effort:
only documentation of the status quo.

The main topic discussed was whether user interface
should be in scope. The consensus was that we should
include functional documentation of the information
provided to users about the web PKI and the actions
they can take.

With this agreement, there was strong consensus in the
room that the problem statement is clear, well-scoped,
solvable, and urgent. Plenty of editors are on board
and about 20 people indicated that they would read the
drafts and comment. So there was rough consensus that
we should charter a working group in this area.