Minutes of the August 27-28, 1997 Meeting of the Technical Advisory Committee to Develop a Federal Information Processing Standard for the Federal Key Management Infrastructure

August 27, 1997

A quorum being present, the fifth meeting of the Committee was called to order at 9:10 a.m. by the Chair, Dr. Stephen Kent. In addition to the Chair, members present were: Joe Alexander, Josh Benaloh, Tom Cahill, David Carman, Santosh Chokhani, Paul Clark, John Edwards, Mark Etzel, Bill Franklin, Roger French, Daniel Harkins, Ken Konechy, Paul Lambert, Mike Markowitz, and Mike Matyas. Government liaisons in attendance were: Elaine Barker (substitute for Miles Smid), Howard Bolden, Michael Gilmore, Barbara Kirsch, Dianne Dunshee (substitute for Jan Manning), John Sabo, Patricia Sefcik, Denise Silverberg (substitute for Patricia Edfors), and Richard Sweeney. Also participating was Mark Bohannon of the U.S. Department of Commerce. Mr. Roback introduced attendees who were substituting for their various organizations (GITS, NIST, NSA).

Ed Roback, Executive Secretary, welcomed everyone and reviewed the agenda for the two-day meeting, which would comprise a series of working group briefings and an FBI briefing, followed by detailed discussion and work planning. (See Reference #1.)

Dr. Kent reported on the activities of each of the working groups since the previous meeting and thanked everyone for their efforts.

The agenda then turned to reports from the working group chairmen. First was Mr. Roger French, Chair of the Framework Working Group. Mr. French reported that the WG feels comfortable with the group’s document at this juncture and believes that they have a good format in place. He solicited general comments from the committee on the draft report. One area noted by Dr. Kent was that Section 1.3, which explores supporting components, has a very different level of detail from that of Section 1.2, on the general model.
He suggested that the descriptions of the supporting components in Section 1.3 appeared to be too narrowly focused and may require that explicit explanations be added. There was also a discussion of terms, such as the use of "encryption" as being more precise than the general "cryptography." It was thought useful to make that clarification so as to reinforce the concept that signature-only keys would not be recoverable.

Chair of the Security Working Group, Dr. Josh Benaloh, was next to present. He used overheads and had handout materials. Topic areas covered were:
· basic principles
· confidentiality
· confidentiality options
· further confidentiality options
· integrity
· integrity options
· authentication
· authentication options
· access
· non-repudiation
· non-repudiation options
· survivability
· survivability attacks
· availability
· auditing
· auditing options
· strength

Working Group #5 on Interoperability was reported on by Paul Clark, Chair. His briefing covered the following topic areas:
· interoperability applications
· key recovery modes
· technique
· key recovery requester to the key recovery answer

Dr. Santosh Chokhani, Chair of the Assurance Working Group (#8), presented examples of a table of contents based on the common criteria. Other areas covered were:
· Need for more than one model to meet customers’ needs.
· Covered listing of common criteria assurance requirements that are recommended for exclusion.

After the lunch break, the afternoon session reconvened at 2:15 p.m. Mr. Gilmore introduced the afternoon’s session by noting that, given the stage of the Committee’s work progress, this seemed an appropriate juncture at which to provide a detailed briefing to the Committee on electronic surveillance. The briefing was provided by Mr. Philip Mirarchi, of the FBI’s Electronic Surveillance Section. He has over 14 years’ experience in working major organized crime cases and is an attorney with an engineering background.
His presentation was an information briefing on legal issues and procedures for electronic surveillance and search and seizure. His presentation covered:
· the types of electronic surveillance
· other search and seizure methods
· legal basis for the surveillance
· federal legislation covering electronic surveillance
· federal rules of criminal procedure
· State constitutions and legislation

He explained pen registers, "trap and trace," stored communication access, "call content" intercepts and "electronic" communications, court order requirements, authorization processes, the FBI/DOJ review process, implementation procedures, and court supervision. He also explained the coverage of the Communications Assistance to Law Enforcement Act of 1994 (CALEA). He identified the sanctions for unauthorized interception of communications, the Federal rules of criminal procedure for search and seizure, and the Federal rules of evidence. During his presentation there were many questions from the committee. See Reference #7 for details of the briefing.

August 28, 1997

The meeting reconvened at 9:10 a.m. with discussion of future meetings by Dr. Kent. Miscellaneous administrative announcements were made by committee secretariat Ed Roback. 1998 meeting dates will be distributed to the committee members.

The focus of the agenda was then on reports from the various working groups based on earlier general feedback from the committee.

WG #1 Report
· Will make modifications to the current document. Four persons in charge of the four major sections will make the modifications based on input received at this meeting.
· Timetable in preparation for the October meeting:
- 11 September all four section drafts will be submitted to the working group;
- 15 September a telecom call at 1 p.m. EST will take place between working group members;
- 30 September all four sections will be submitted and consolidated;
- 2 October the formal draft should be delivered to the entire committee.
- Section 1.0 overview to address interoperability
- Section 1.3 overview of two most prevalent schemes and 1 page of supporting component and one line description of each.
- Section 1.35 policy will become 1.4 stand alone.

WG #2 Report
· Will proceed in the direction of a "mandatory options" approach. It is likely that a question will arise as to whether there will be various levels of compliance.
· May want to allow for lower levels of compliance (beyond those approved for government use), so as to maximize general use of compliant products.
· Policy and options are actually essential to the success of the FIPS. Identification by levels would allow a vendor wider flexibility in the manufacture of its products. Separate certain levels and options should be explored. Agreed to look into multiple levels.
· Other questions raised dealt with organization of the document itself and the intertwining of certain crosscutting areas between the groups.
· Dr. Kent suggested that functional and security requirements would be good to have in this section. A suggestion was made to use the orange book matrices as examples.
· Timetable: Will follow up in person or via email.
· Need for a list of those security needs or items and what we think would be mandatory features versus mandatory options (as still separate from wholly optional options).
· There were a number of suggestions of, in effect, integrating the activities of WG #2 into that of WG #1, so as to describe the security features/requirements of each component of the model. This was generally thought to be a useful suggestion.

WG #5 Report
· level issue of certification and evaluation of systems
· no timetable until after a conference call later next week
· defining requirements as they understand them
· support of multiple techniques
· avoid stepping on standards toes by providing examples and guidance on key recovery
· question of how these examples would be interpreted was raised; also raised was how to map interoperability issues into the examples/models.

WG #8 Report
Dr. Kent discussed the options relevant to the use of multiple level matrix ideas that would apply to any of the components. This included more detailed discussion of the issues of some things that were left off of the list that might be revisited in the content of the three level approach.

Some questions arose which Committee members thought require guidance from the Administration. It was suggested that these be formulated as questions and posed to all of the committee, including the liaisons, to see what responses are received. It was also recognized that obtaining answers in a timely manner, so as to keep to the Committee’s timetable, may be difficult. Therefore, it was suggested that the Committee endeavor to proceed apace without waiting for formal guidance, even should written questions be formulated.

The meeting was adjourned at 11:40 a.m.

References (on file with the Secretariat)