Very Rough Agenda for Encryption Workshop

I put together a very rough agenda at [1]. I looked through my mailbox for 
those folks who said they were interested in speaking. If I include you and 
I shouldn't, if I should and I didn't, or if I said you're going to talk 
about something you aren't, let me know! (One of the best ways to do that is 
to post to the list those things you will talk about <smile>.)

I'm not convinced this is the best structure, but in playing with the time, 
this is what I came up with, any suggestions are welcome.



     NOTE: This is very very rough; the speakers are not necessarily confirmed
     and the characterization of their discussion make be inaccurate.

                                  DRAFT PROGRAM

    In the morning we begin by understanding the difference between
    encryption and authorization and the resulting the requirements of
    authorization; we expand our scope of requirement discussion; then
    focus the question on protocol and end-to-end security issues. The
    afternoon we focus on the present proposals, identify issues,
    determine direction, and discuss how to move forward.


   8.30 - 9.00 Continental Breakfast

   9.00 - 9.35 (35 minutes): Introduction

     1. Group, Introductions Around the Room (15m)
     2. Joseph Reagle, [6]Agenda (10m)
     3. Group, Agenda Bashing (10m)

   9.50 - 10.30 (40 minutes): Encryption versus Authentication versus 

      * the distinction between encryption and authorization, and the 
     resulting from authorization applications.

     1. Mark Scherling, XCert: Encryption requirements resulting from
        [7]proposed authorization model
     2. Christian Geuer-Pollmann, Uni-Siegen: Comparison/analysis of
        encryption and authorization.

   10.30 - 10.45 break

   10.45 - 12.50 (125 minutes): RequirementsI

      *   Applications, Parsers, References, and Protocol -- or lack thereof!

     1. Steve Wiley, MyProof (20m): Requirements with respect to
        deployed parsers, target document fragments, nested encryption,
     2. Eric Cohen, PriceWaterHouseCoopers (20m): XBRL requirements and
        lots of questions (process and technical).
     3. Thane Plambeck, Verisign (20m): Verisign requirements for XML
     4. Mike Wray, Hewlett-Packard (20m): XML and end-to-end security .
     5. Barb Fox, Microsoft (20m): Fire-and-forget encryption.

   12.50 - 2.00 lunch

   2.00 - 3.30 Proposals  (90 minutes)

      * Proposals (90 minutes)
          1. Ed Simon, Entrust (45 minutes): Report on experimenting with
             <EncryptedData/Node> element within within common XML
             scenarios (eg. encrypting element (easy), element content
             (easy with DOM level 2), attribute values (in progress) in
             DOM and XSLT frameworks). Fill out overview and syntax part
             of the XML Encryption spec that focuses on the
             <EncryptedData> element.
          2. Takeshi IMAMURA (45 minutes): <EncryptionInfo> element
             for algorithm and keying information

   3.30 - 3.45 break

   3.45 - 5:30 Content IV (105 minutes)

     1. Joseph Reagle, Close Technical Issues with Action Items (60m)
     2. Joseph Reagle, Process and Action-items (45m)
          1. Summary of W3C Process
          2. Charter
          3. Requirements Document
          4. Specification Proposals

Joseph Reagle Jr.
W3C Policy Analyst      
IETF/W3C XML-Signature Co-Chair

Received on Monday, 23 October 2000 18:33:10 UTC