INFORMATION SECURITY COMMITTEE
MEETING NOTICE
14-16 January 1999 -- Redwood Shores (ISC Meeting)
17 January 1999 -- San Jose (Open Meeting)
Please correspond with:
Michael S. Baum, Esq.
1390 Shorebird Way
Mountain View, CA 94043
v: 650.429.3444
f: 650.961.7300
e: michael@verisign.com
Dear Committee Member and Prospective Members:
You are cordially invited to participate in a meeting
of the Information Security Committee, Section of Science & Technology,
American Bar Association, on 14-16 January 1999 (Thursday through Saturday)
in Redwood Shores, CA. Our meeting immediately precedes the RSA Cryptography
Conference which begins in San Jose, CA on the 17th. The Oracle Corporation
has graciously agreed to sponsor this meeting at the Hotel Sofitel.
Special thanks to Oracle VP Kate McGee, Esq. for her greatly appreciated
efforts, and thanks as well to corporate sponsorship from Compaq and Datum.
Also, an open meeting to consider the content of PKIX Part 4 (regarding
certificate policy) will be held on Sunday morning, January 17th at the
San Jose Fairmont Hotel.
The Committee will continue its advancement of public
key infrastructure legal and control issues, and will include further work
on CA evaluation/accreditation, commercial key recovery guidelines, PKI
evidentiary issues, certificate policy, and user liability, among other
matters.
Consistent with Section policy, ISC meeting participants
must be members of both the ABA and the Section of Science and Technology.
Please contact Ann Kowalsky,
Manager for the Section of Science & Technology, at ABA headquarters
in Chicago by phone: 312.988.5599, fax: 312.988.5628 for membership information.
You can become a paid member of the ABA and the ISC at this meeting. An
ABA associate membership is available for non-lawyers.
Meeting details appear below. I look forward to seeing
you in Redwood Shores.
Sincerely,
Michael S. Baum
Chair, Information Security Committee
Section of Science & Technology, ABA
Top
Proposed Agenda
INFORMATION SECURITY COMMITTEE
Section of Science & Technology, ABA
14-16 January 1999
Proposed Agenda (in extended sessions,
take breaks as needed)
14 January 1999 -- Thursday
0830 - 0900 Greetings, coffee, administrative
matters (note: all times are PST)
0900 - 0930 Introductions, meeting logistics,
general announcements
0930 - 1030 Working Group updates
1030 - 1200 WG breakouts
1200 - 1300 Lunch speakers:
-
Kate McGee, Esq., Oracle Corporation - Sponsor Welcome
-
Dan Cooperman, Esq. Sr. VP, General Counsel and Secretary, Oracle Corporation
-
Topic: Enabling the Information Age through Internet Computing
-
Debra Chong, Esq.
-
Topic: ABA Standing Committee on Technology and Information Systems
(SCOTIS)
1300 - 1700 WG breakouts
1700 - ???? Watering hole discussions; possible
continuation of WG meetings
15 January 1999 -- Friday
0830 - 0900 Greetings, coffee, administrative
matters
0900 - 0930 Updates -- logistics, administrative,
WG related, etc.
0930 - 1200 WG breakouts
1200 - 1300 Lunch speakers:
-
Dave Billeter, Esq., State of WA; Bill Ferguson, CEO Arundel Consulting;
Gary Stoneburner, NIST
-
Topic: Establishing Trustworthy System Standards for CAs: Considering
the Value of CS2, ECMA, & ITSEC Standards in a PKI Environment
-
Peter Eckl, Rechtsanwalt, Anhaeusser, Unger, Eckl & Bergien (Karlsruhe/Germany)
and Pollet Law (Los Angeles)
-
Topic: The German Digital Signature Law - Evaluation and Practice
1300 - 1700 WG breakouts
1700 - ???? Watering hole discussions; possible
continuation of WG meetings
16 January 1999 -- Saturday
0830 - 0900 Greetings, coffee, administrative
matters
0900 - 0930 Updates -- logistics, administrative,
WG related, etc.
0930 - 1130 WG breakouts
1130 - 1230 Lunch speakers:
-
Parker Foley, VP of E-Comm., First Union Bank; Kevin Coleman, KPMG
-
Topic: Building a PKI Designed to Provide Enterprise-Wide CA and Digital
Certificate Services to the Bank's Business Units and Customers
-
Jim Wayman, Ph.D., Director National Biometric Test Center
-
Topic: The Implications of Biometrics on the Evaluation of PKIs
1230 - 1300 Close & Path Forward
17 January 1999 -- Sunday (Open Meeting)
Location: Crystal Room, Fairmont Hotel, San Jose, CA.
0900 - 1200 PKIX Part 4 - Discussion with
Santosh Chokani, Ph.D., and Warwick Ford, Ph.D.
An open meeting to discuss an update of the PKIX CP/CPS Framework,
in light of more recent work by the ABA ISC, NACHA, and others.
Additional proposed agenda items and speakers should be emailed to Michael
Baum. Other speakers TBD.
Top
Working Groups
Information Security Committee -- Redwood Shores, California
Electronic Commerce Division, Section of Science and Technology
MEETING DETAILS
Silicon Valley -- 14-16 January 1999 (Thursday -- Saturday)
Members are urged to participate in at least one of the Working Groups
that will be presenting/meeting during the ISC's meeting. Please contact
Ruven
Schwartz, committee vice chair, or a working group co-chair directly,
for further information.
**Accreditation Working Group
Contacts: Charlie
Merrill, Esq.
Lynn McNulty
Randy Sabett, Esq.
The current draft of the "PKI Evaluation Guidelines" dated
December 7, 1998 (220 pages, 700K bytes) is posted on the individually
passworded website at <http://gsulaw.gsu.edu/gsuecp/isclawg/>. This
project has attracted huge amounts of legal and technical PKI talent, expertise
and interest, and there is a strong feeling that the work can be released
for public comment by Q3 ‘99. E-mail to Chas Merrill <cmerrill@concentric.net>
if you are planning on working on this project at the January meeting and
do not yet have a username/password from Todd Vincent at GSU Law School.
Additional material and assignments will be posted on the passworded website
shortly before the January ISC meeting, reflecting some editorial meetings
scheduled between now and the ISC meeting.
**Audit and Controls Working Group
Contact: Kevin
Coleman
Charles LeGrand
Gene Ozgar, CPA
The Audit and Controls Working Group will continue to focus
on the requirements for the audit of certificate authorities, defining
the audit scope, model audit program, extent of test work and form of reporting.
The primary focus of the working group includes drafting of a model audit
program guide as a supplement to the PKI Evaluation Guidelines (PEG). Any
individuals with an interest or knowledge of important areas for audit
consideration are welcomed to assist.
**Certificate Services Agreements Working Group
Contacts: Kevin
O'Neill
Stephen Wu
The Certification Services Agreements Work Group has begun
writing "Certification Services Agreements," which is an outgrowth of the
ISC's accreditation and certificate policies activity. The purpose of "Certification
Services Agreements" is to assist the authors of a certificate policy definition,
certification practice statement, subscriber agreement, relying party agreement,
or other agreement relating to certification services by providing model
forms and a menu of alternative legal wording for use in particular clauses
of such documents. The document will include comments and annotations to
the PEG. At the Seattle meeting, the group reviewed its document drafting
plan, and continued the drafting process. At this meeting, the group will
review the materials submitted during and after the Seattle meeting and
will continue its drafting work.
**Digital Signatures Laws & Regulations Working Group
Contacts: Kenneth
Allen, Esq.
David Danner, Esq.
Dan Greenwood, Esq.
The Legislative and Regulatory Working Group will contribute
from a public law perspective to the drafting of the PKI Evaluation Guidelines
and will meet to discuss recent state government activities and developments
regarding electronic commerce and digital signatures.
**Evidentiary Working Group
Contacts: Gary
Fresen, Esq.
The Evidentiary Work Group will provide an evidentiary and
litigator’s review to the PEG legal section at the next meeting.
**Global Trade and Comparative Law Working Group
Contacts: Joseph
Alhadeff, Esq.
William Kennair, Esq.
Suzanne Thibodeau, Esq.
The Global Notices and Comparative Law Work Group will
advance standard notices, disclosures and warnings for certificates and
end-user PKI-oriented products and services as a way of facilitating trade
over secure global infrastructures.
**Key Recovery Working Group (KRWG)
Contacts: Emily
Frye, Esq.
Dwight Olsen
Randy Sabett, Esq.
The Key Recovery Working Group monitors key recovery initiatives,
legislation, and business models domestically and internationally. Work
at the January meeting will focus on defining key recovery stakeholders
in a joint project with the Key Recovery Alliance, as well as on assessing
whether a long-standing legislative resolution should continue to be advanced
by the ISC. New work initiatives may include legal analysis and drafting
to meet notice requirements in key recovery implementations.
**Liability Working Group
Contacts: Maureen Adamache, Esq.
Elise Reed, Esq.
The Liability Work Group will focus its work at this meeting
on the advancement of the PKI Evaluation Guidelines.
**Reciprocity Task Group
Contacts: David
Billeter, Esq.
Joe Alhadeff, Esq.
The Reciprocity Task Group will review and further consider
the draft Model Reciprocity Standards and Agreement. These documents
will provide guidelines for the inter-governmental recognition of foreign-licensed
certification authorities and will also provide private sector-generated
solutions in the form of guidelines and contract terms -which help companies
obtain legal recognition for their acts in foreign jurisdictions.
Top
Logistics
Attire for the meeting: casual
First-time participants planning to attend the January 14-16 meeting:
Please contact Ruven Schwartz,
ISC ViceChair, at 651.687.8095 for any questions, and to coordinate work-product
contributions for the upcoming meeting.
ISC Meeting Location: Sofitel
Hotel, Redwood Shores, California
Meals and Fees: TBD
Lodging:
The Hotel Sofitel in Redwood Shores is the site for the entire
meeting (Jan. 14-16) and is clearly the most convenient hotel. A block
of rooms has been reserved by Oracle, our meeting's sponsor. Please tell
the reservationist that you are with the ABA/Information Security Committee
and the rooms were reserved by Oracle Corporation. Rooms are available
from the evening of the 13th of January at $155/night. This rate
will be available at least through 23 December of 1998. Information
about this Sofitel can be found online.
SOFITEL SAN FRANCISCO BAY
223 Twin Dolphin Drive
Redwood City, CA 94065
Manager: Mr. Stephanie Ryan
Concierge: Raymond Huang
Phone: (650) 598 9000
Fax: (650) 598 0459
RSVP: Please confirm your intention to participate
to Ann Kowalsky, Section Mgr.,
Section of Science and Technology as soon as possible.
Logistics - Open Meeting re: PKIX Part IV (Sunday
17 January 1999, 9a.m. -- Noon)
The Crystal Room, Fairmont Hotel, San Jose, CA (Adjacent to
the Convention Center). Brunch will be served.
FAIRMONT HOTEL - SAN JOSE
170 South Market Street
San Jose, CA 95113
(408) 998-1900
See you in Redwood Shores and San Jose!
|
|
