CAEP profile

[Atul Tulshibagwale]

Hi all,

During the workshop at Cisco, I'd like to suggest that we spend some time working on the following specifications:

• A profile of SET for CAEP subjects and events. This may be a superset of the RISC profile of SET. I've started putting together subject identifiers of interest, and we had a list of event types from the last workshop, which is a good starting point for event types.
• Review RISC transmitter configuration and evaluate if any changes are needed for CAEP.
• Review RISC work on SET Management (could not find a spec for this).

A good way to evaluate what we need is to verify that we can implement these scenarios based on the proposals that we come up with. Any background attendees can bring around what they need to implement CAEP in their products and / or companies, and what they see as gaps in the current specifications will be great too.

Thanks,

Atul Tulshibagwale Software Engineer +14157613123 Mobile 1600 Amphitheatre Parkway, Mountain View, CA 94043

[Jordan Wright]

Thanks for sending this over, Atul! 100% agreed on your topics to discuss.

To kick things off, I'd be happy to give a quick overview of the doc I wrote a while back covering CAEP vs RISC, largely to give a reminder on the specifics of RISC that are relevant to us.

There are a few open questions (some of which you mentioned above) that I think we should talk about:

• What new event types do we need?
• Do we need to create new subject types, or can we leverage existing ones such as the "issuer + subject"?
• Agreed on looking at the transmitter configuration - what do we need to change here, if anything?
• Regarding the management API (spec is here), is there anything we need to add to either the transport or the session management? For example, do we want to talk about possible authentication strategies or leave that to the implementations?

Once we feel we have a good baseline, then I'm with you- we can run through scenarios and iterate when we find any gaps.

Looking forward to the workshop!

Jordan

--
You received this message because you are subscribed to the Google Groups "caep-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to caep-discuss...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/caep-discuss/CAMCkG5tXPE1PL5-ZJnezoMOS%2BWWwaoE0qT%2BwU8V9zJZX6Vz_pw%40mail.gmail.com.

--

		Jordan Wright  / Principal R&D Engineer   jwr...@duo.com   Duo.com
---------- The Most Loved Company in Security