Emergency Services and Security

In a recent review by Bernard Aboba regarding a documents I wrote together with Henning Schulzrinne about “trustworthy location information” (with slides from the last IETF meeting below). The above slides build on previously presented slides shown below: Bernard included a link to an interesting article that is worth reading

NIST Key Management Workshop

Here is an announcement of interest for the IETF KEYPROV working group (and security groups in the IETF in general. http://xml.coverpages.org/keyManagement.html#NIST-KeyManagement200906 says: A NIST Key Management Workshop will be held June 8-9, 2009 at the U.S. National Institute of Standards and Technology, Gaithersburg, Maryland, USA. Registration is required by May

OASIS Key Management Interoperability Protocol

Recently, OASIS announced the creation of a new key management standards effort called KMIP (Key Management Interoperability Protocol. See new stories below: http://www.infoworld.com/article/09/02/12/HP_IBM_push_new_KMIP_encryption_key_standard_1.html http://www.centredaily.com/business/technology/story/1115505.html You can download the draft standard and FAQs from here: http://xml.coverpages.org/KMIP/ A short summary: The increased use of encryption for securing information in the enterprise reflects

Notruf Handbuch

Karl Heinz Wolf and Alexander Mayrhofer have worked on a book describing the IETF emergency services architecture and their contributions at NIC.AT. The book, which is written in Germany and focuses on the situation in Austria, can be bought here. Their webpage contains more information about the book and about

Creating rogue CA certificate using MD5 collisions

In case you have not heard about it yet: http://blogs.zdnet.com/security/?p=2339 Ekr explains all this in more detail, see http://www.educatedguesswork.org/2008/12/understanding_the_sotirov_et_a.html. A original paper can be obtained from here. Verisign is not sleeping and tells us what they did against this problem: https://blogs.verisign.com/ssl-blog/2008/12/on_md5_vulnerabilities_and_mit.php