Fw: No MashSSL Call today/Updates from RSA conference


To the correct address this time.


________________________________

From: Bajaj, Siddharth 
To: public-xg-mashssl-request@w3.org 
Cc: Bajaj, Siddharth 
Sent: Thu Mar 11 09:26:14 2010
Subject: No MashSSL Call today/Updates from RSA conference 


 

Hi All,

 

We will not be having the Mash SSL call this week. In lieu, we will have the call at the same time next week if that works for folks. 

I just realized that I have a conflict today that I cannot get out of. Apologize for the last minute notice. 

 

 

Report from the RSA P2P session:

Also wanted to give everybody an update on the RSA Peer-2-Peer session that we hosted on MashSSL. We had about 12 attendees – including Ben Wilson, Thomas Hardjono, and myself. Additionally, there were folks from Comcast, Wells Fargo, VeriSign, US Government, ACT (they do standardized testing), and Lynn from SafeMashups. For those of you who have not been to the P2P session before, these are very informal sessions, with folks sitting round a table and discussing a topic of common interest. There are no slides, just a notepad for some ‘whiteboarding’.

 

Ben, Thomas and I explained the Mash SSL protocol and use-cases to the rest of the folks. The major take-away that at least I had was that folks were getting confused by the word SSL in MashSSL. Specifically, 

 

-          They were confused on whether this replaces SSL. We need to do a good job to explain how SSL and MashSSL can co-exist.

-          Secondly, folks see SSL as a protocol for transmitting information securely in an encrypted channel and they were trying to draw parallels here. So we need to explain that base MashSSL protocol does the authentication and key establishment. But how can one layer another protocol on top of MashSSL to carry information securely between two parties through a ‘friend/intermediary’

 

Finally, I think there were some concerns raised about what is the new problem that MashSSL solves that existing protocols don’t solve. So, we need to articulate that very crisply in our report. 

 

IETF SAAG presentation:

On a related note, the IETF has asked us to present during the SAAG (Security Area General session) during the upcoming IETF meetings later this month. 

 

Thanks and talk to you next week,

 

Siddharth 

Received on Thursday, 11 March 2010 21:31:48 UTC