Secure Credential Transfer (secret) BOF Virtual Meeting: 2022-02-10

[IESG Secretary]

The Secure Credential Transfer (secret) BOF will hold a virtual interim meeting 
on 2022-02-10 from 09:00 to 11:00 America/Los_Angeles (17:00 to 19:00 UTC).

Agenda:

    Intro
    Use cases
    Requirements
    WG charter discussion: 
https://github.com/dimmyvi/secure-credential-transfer/blob/main/charter.md
    Conclusion

Draft: https://datatracker.ietf.org/doc/html/draft-secure-credential-transfer-03

Information about remote participation:
https://meetings.conf.meetecho.com/interim/?short=d1a67502-8fe8-4fc2-bb9b-f2e2f4594bb4

The meeting will happen over Meetecho. To join the session, you will need to 
use your IETF Datatracker (https://datatracker.ietf.org/) login, which you 
should create ahead of time if you don't already have one. If you have 
forgotten your IETF Datatracker password, you can request a reset 
(https://datatracker.ietf.org/accounts/reset/). For more information, see the 
Meetecho guide for participants 
(https://www.ietf.org/how/meetings/technology/meetecho-guide-participant/).

BOF Request: 
https://datatracker.ietf.org/doc/bofreq-secure-credential-transfer-bof-request/

Description:

We presented the secure credential draft to Dispatch on Monday of IETF week 
(2021). There was a lot of interest, but folks asked for additional detail on 
the problem statement, requirements, and use cases. It was decided that we 
weren’t ready to form a WG right away and instead endeavored to schedule a BoF 
to review the above items prior to forming a WG. The goal is to allow users 
with secure credentials on their mobile devices to be able to shares 
entitlements that these credentials grant to other users. This would be 
achieved by defining and standardizing a protocol that will facilitate such 
credential transfers from individual to individual. The protocol will leverage 
a “relay server” to transfer data from sender to recipient. The scope of the 
transfer is limited to a single origin device and a single destination device. 
This system does not exist today in a standards-based, cross-platform and 
cross-channel capacity. The goal of this BoF is to answer some of the questions 
that came up during the Dispatch meeting (such as, why can’t these credentials 
simply be lifted and cloned and then sent to the recipient?). We also want to 
provide additional detail into the applicable use cases, and some of the 
security and privacy requirements for the solution. The ultimate goal is to 
form a WG to discuss the initiative in an ongoing capacity.

_______________________________________________
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce