<html>
<head>
<title>Trevor Perrin</title>
</head>
<body>
<H1>Trevor Perrin</H1>
<b>Email:</b> trevp at trevp.net<br>
<b>PGP Key:</b> <a href="pgp/key.asc">8035 47B9 D1F9 C148 619A  7948 D8C0 0F11 2F2F F9E3</a>
<p>I'm a programmer; here are some projects I'm involved in.

<p>My current interest is cryptographic key management and alternatives to PKI.
<p>

<a name="cryptoID">
<H2><a href="cryptoID/">CryptoIDs</a></H2>
<b>Paper 1:</b> Public Key Distribution through "cryptoIDs" (<a href="cryptoID/cryptoID.pdf">.pdf</a>, <a href="cryptoID/cryptoID.html">.html</a>) <i>(presented at <a href="http://www.nspw.org/2003/">NSPW 2003</a>)</i><br>
<b>Paper 2:</b> The CryptoID Key Management Protocols (<a href="cryptoID/cryptoID2.pdf">.pdf</a>) <i>(the best introduction)</i><br>
<b>Schema:</b>  XML Schema for &lt;certChain&gt; (<a href="cryptoID/cryptoID.xsd">.xsd</a>)<br>
<b>Code:</b>  CryptoIDlib Python and Java library and command-line tool v0.1.8 (<a href="cryptoID/cryptoIDlib-0.1.8.zip">.zip</a>, <a href="cryptoID/readme.txt">readme.txt</a>)
<p>PKI isn't working for person-to-person communications.  Few people use
secure email, voice, instant-messaging, or anything else.
<p>CryptoIDs are an alternative.  The idea is for people to exchange small,
user-friendly fingerprints (aka "cryptoIDs") like 'cyhf4.9ajd8.kbdx4.rk98c'.
These could be passed around and stored in address books as if they were phone
numbers or postal addresses.
<p>The cryptoID for each user would correspond to that user's <i>root key</i>.
The user would keep his root key in a safe place - his employer or
some commercial service might hold it for him.  The rootholder would operate
an online service which would issue short-lived <i>subkey certificates</i> or <i>validation signatures</i> to the user.
<p>CryptoIDs, then, are about combining <i>fingerprint-based public-key distribution</i> with
<i>certificate-based private-key management</i>.  The first paper above presents the
cryptoID fingerprint and certificate formats, which are designed specifically for
this.  CryptoIDlib lets you test-drive these formats.
<p>The second paper presents private-key management protocols for use with online servers.
Support for these is being added to cryptoIDlib.

<a name="tls_lite">
<H2><a href="tls_lite/">TLS Lite</a></H2>
<b>Code:</b> tls_lite Python library v0.1.8 (<a href="tls_lite/tls_lite-0.1.8.zip">.zip</a>, <a href="tls_lite/readme.txt">readme.txt</a>)<br>
<p>
TLS Lite is a free Python library that implements SSL 3.0 and <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0</a>.
TLS Lite supports non-traditional authentication methods such as <a href="http://trevp.net/tls_srp/index.html">SRP</a>,
<a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-sharedkeys-02.txt">shared keys</a>,
and <a href="http://trevp.net/cryptoID/index.html">cryptoIDs</a>, in addition to X.509 certificates.  TLS Lite is pure
<a href="http://www.python.org">Python</a>; however, it can access <a href="http://www.openssl.org/">OpenSSL</a> or
<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a> for faster crypto operations.

<a name="tlssrp">
<H2><a href="tls_srp/">TLS/SRP</a></H2>
<b>Internet-Draft:</b>  Using SRP for TLS Authentication (<a href="tls_srp/draft-ietf-tls-srp-06.txt">.txt</a>, <a href="tls_srp/draft-ietf-tls-srp-06.html">.html</a>)
<p><a href="http://srp.stanford.edu">SRP</a> is the best way to do password authentication
across a network.  <a href="http://www.ietf.org/html.charters/tls-charter.html">TLS</a> (aka SSL v3.1)
is the best way to do channel security.  What could go better together?
<p>This draft modifies the TLS handshake to use SRP.  This combination of
password-based mutual authentication and the TLS record layer is
ideal for protecting protocols like POP3 and HTTP.

<a name="dss">
<H2>DSS</H2>
<b>Requirements:</b>  DSS Use Case Requirements Analysis (<a href="dss/oasis-dss-1.0-requirements-wd-12.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-requirements-wd-12.doc">.doc</a>)<br>
<b>Specification Working Draft:</b> Digital Signature Service Core Protocol and Elements (<a href="dss/oasis-dss-1.0-core-spec-wd-10.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-core-spec-wd-10.doc">.doc</a>)<br>
<b>Schema Working Draft:</b> oasis-dss-1.0-core-schema-wd-10 (<a href="dss/oasis-dss-1.0-core-schema-wd-10.xsd">.xsd</a>)<br>
<b>Somewhat Related Paper:</b> Delegated Cryptography, Online Trusted Third Parties, and PKI
(<a href="delegatedCrypto/delegatedCrypto.pdf">.pdf</a>, <a href="delegatedCrypto/delegatedCrypto.html">.html</a>)<br>
<i>(presented at the <a href="http://www.cs.dartmouth.edu/~pki02/">1st Annual PKI Research Workshop</a>)</i>
<p>The <a href="http://www.oasis-open.org/">OASIS</a> <a href="http://www.oasis-open.org/committees/dss/">Digital Signature Service Technical Committee</a>
is designing protocols for signing, verifying, and
time-stamping of XML documents and other data.  The idea is to perform these
operations on servers, thus freeing clients from having to manage private
keys, calculate certificate paths, and so on.
<p>Also listed is a paper arguing for the server-based approach vs. client-side PKI.

<a name="cryptoURL">
<H2>CryptoURLs</H2>
<b>Draft of potential Internet-Draft:</b> The "crypto" URL scheme (<a href="cryptoURL/draft-ietf-cryptoURL-01.txt">.txt</a>, <a href="cryptoURL/draft-ietf-cryptoURL-01.html">.html</a>)<br>
<p>
CryptoURLs add "crypto metadata" like content hashes and key fingerprints to normal URLs.
The resulting URLs are <a href="http://zooko.com/distnames.html">self-authenticating</a>,
like <a href="http://citeseer.nj.nec.com/mazieres99separating.html">SFS file names</a> or
<a href="http://research.microsoft.com/users/tuomaura/CGA/">Cryptographically Generated Addresses</a>.
These could be useful in:
<dir>
<LI>web pages:
  <dir>
  <LI>a page could link to software binaries and include their hash
  <LI>a portal could provide secure introductions to a community of sites
  </dir>
<LI>XML documents (e.g. extending an <a href="http://www.w3.org/TR/xmldsig-core/">XML-DSIG</a> over external references)
<LI>protocols (e.g. HTTP Redirects or LDAP Referrals)
<LI>software configuration (you could configure a client with the address and fingerprint of a server in one step)
</dir>
<a href="http://www.waterken.com/dev/YURL/">YURLs</a> are another approach to self-authenticating URLs.

<a name="cryptlibConverter">
<H2><a href="cryptlibConverter/">CryptlibConverter</a></H2>
<b>Code:</b>  Version 5 for cryptlib 3.1 (<a href="cryptlibConverter/cryptlibConverter5_cl31.zip">.zip</a>, <a href="cryptlibConverter/readme.txt">readme.txt</a>)
<p>This is a Python script that generates Java, Python, and C# wrappers for
<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a>.  A set of wrappers for
cryptlib 3.1 is included in the .zip file.  The Python and C# wrappers are also included in the latest cryptlib distribution.
<br>
101<a name="cryptoID">
102<H2><a href="cryptoID/">CryptoIDs</a></H2>
103<b>Paper 1:</b> Public Key Distribution through "cryptoIDs" (<a href="cryptoID/cryptoID.pdf">.pdf</a>, <a href="cryptoID/cryptoID.html">.html</a>) <i>(presented at <a href="http://www.nspw.org/2003/">NSPW 2003</a>)</i><br>
104<b>Paper 2:</b> The CryptoID Key Management Protocols (<a href="cryptoID/cryptoID2.pdf">.pdf</a>) <i>(the best introduction)</i><br>
105<b>Schema:</b>  XML Schema for &lt;certChain&gt; (<a href="cryptoID/cryptoID.xsd">.xsd</a>)<br>
106<b>Code:</b>  CryptoIDlib Python and Java library and command-line tool v0.1.8 (<a href="cryptoID/cryptoIDlib-0.1.8.zip">.zip</a>, <a href="cryptoID/readme.txt">readme.txt</a>)
107<p>PKI isn't working for person-to-person communications.  Few people use
108secure email, voice, instant-messaging, or anything else.
109<p>CryptoIDs are an alternative.  The idea is for people to exchange small,
110user-friendly fingerprints (aka "cryptoIDs") like 'cyhf4.9ajd8.kbdx4.rk98c'.
111These could be passed around and stored in address books as if they were phone
112numbers or postal addresses.
113<p>The cryptoID for each user would correspond to that user's <i>root key</i>.
114The user would keep his root key in a safe place - his employer or
115some commercial service might hold it for him.  The rootholder would operate
116an online service which would issue short-lived <i>subkey certificates</i> or <i>validation signatures</i> to the user.
117<p>CryptoIDs, then, are about combining <i>fingerprint-based public-key distribution</i> with
118<i>certificate-based private-key management</i>.  The first paper above presents the
119cryptoID fingerprint and certificate formats, which are designed specifically for
120this.  CryptoIDlib lets you test-drive these formats.
121<p>The second paper presents private-key management protocols for use with online servers.
122Support for these is being added to cryptoIDlib.
123
124<a name="tls_lite">
125<H2><a href="tls_lite/">TLS Lite</a></H2>
126<b>Code:</b> tls_lite python library v0.1.8 (<a href="tls_lite/tls_lite-0.1.8.zip">.zip</a>, <a href="tls_lite/readme.txt">readme.txt</a>)<br>
127<p>
128TLS Lite is a free python library that implements SSL 3.0 and <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0</a>.
129TLS Lite supports non-traditional authentication methods such as <a href="http://trevp.net/tls_srp/index.html">SRP</a>,
130<a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-sharedkeys-02.txt">shared keys</a>,
131and <a href="http://trevp.net/cryptoID/index.html">cryptoIDs</a>, in addition to X.509 certificates.  TLS Lite is pure
132<a href="http://www.python.org">Python</a>, however it can access <a href="http://www.openssl.org/">OpenSSL</a> or
133<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a> for faster crypto operations.
134
135<a name="tlssrp">
136<H2><a href="tls_srp/">TLS/SRP</a></H2>
137<b>Internet-Draft:</b>  Using SRP for TLS Authentication (<a href="tls_srp/draft-ietf-tls-srp-06.txt">.txt</a>, <a href="tls_srp/draft-ietf-tls-srp-06.html">.html</a>)
138<p><a href="http://srp.stanford.edu">SRP</a> is the best way to do password authentication
139across a network.  <a href="http://www.ietf.org/html.charters/tls-charter.html">TLS</a> (aka SSL v3.1)
140is the best way to do channel security.  What could go better together?
141<p>This draft modifies the TLS handshake to use SRP.  This combination of
142password-based mutual authentication and the TLS record layer is
143ideal for protecting protocols like POP3 and HTTP.
144
145<a name="dss">
146<H2>DSS</H2>
147<b>Requirements:</b>  DSS Use Case Requirements Analysis (<a href="dss/oasis-dss-1.0-requirements-wd-12.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-requirements-wd-12.doc">.doc</a>)<br>
148<b>Specification Working Draft:</b> Digital Signature Service Core Protocol and Elements (<a href="dss/oasis-dss-1.0-core-spec-wd-10.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-core-spec-wd-10.doc">.doc</a>)<br>
149<b>Schema Working Draft:</b> oasis-dss-1.0-core-schema-wd-10 (<a href="dss/oasis-dss-1.0-core-schema-wd-10.xsd">.xsd</a>)<br>
150<b>Somewhat Related Paper:</b> Delegated Cryptography, Online Trusted Third Parties, and PKI
151(<a href="delegatedCrypto/delegatedCrypto.pdf">.pdf</a>, <a href="delegatedCrypto/delegatedCrypto.html">.html</a>)<br>
152<i>(presented at the <a href="http://www.cs.dartmouth.edu/~pki02/">1st Annual PKI Research Workshop</a>)</i>
153<p>The <a href="http://www.oasis-open.org/">OASIS</a> <a href="http://www.oasis-open.org/committees/dss/">Digital Signature Service Technical Committee</a>
154is designing protocols for signing, verifying, and
155time-stamping of XML documents and other data.  The idea is to perform these
156operations on servers, thus freeing clients from having to manage private
157keys, calculate certificate paths, and so on.
158<p>Also listed is a paper arguing for the server-based approach vs. client-side PKI.
159
160<a name="cryptoURL">
161<H2>CryptoURLs</H2>
162<b>Draft of potential Internet-Draft:</b> The "crypto" URL scheme (<a href="cryptoURL/draft-ietf-cryptoURL-01.txt">.txt</a>, <a href="cryptoURL/draft-ietf-cryptoURL-01.html">.html</a>)<br>
163<p>
164CryptoURLs add "crypto metadata" like content hashes and key fingerprints to normal URLs.
165The resulting URLs are <a href="http://zooko.com/distnames.html">self-authenticating</a>,
166like <a href="http://citeseer.nj.nec.com/mazieres99separating.html">SFS file names</a> or
167<a href="http://research.microsoft.com/users/tuomaura/CGA/">Cryptographically Generated Addresses</a>.
168These could be useful in:
169<dir>
170<LI>web pages:
171  <dir>
172  <LI>a page could link to software binaries and include their hash
173  <LI>a portal could provide secure introductions to a community of sites
174  </dir>
175<LI>XML documents (e.g. extending an <a href="http://www.w3.org/TR/xmldsig-core/">XML-DSIG</a> over external references)
176<LI>protocols (e.g. HTTP Redirects or LDAP Referrals)
177<LI>software configuration (you could configure a client with the address and fingerprint of a server in one step)
178</dir>
179<a href="http://www.waterken.com/dev/YURL/">YURLs</a> are another approach to self-authenticating URLs.
180
181<a name="cryptlibConverter">
182<H2><a href="cryptlibConverter/">CryptlibConverter</a></H2>
183<b>Code:</b>  Version 5 for cryptlib 3.1 (<a href="cryptlibConverter/cryptlibConverter5_cl31.zip">.zip</a>, <a href="cryptlibConverter/readme.txt">readme.txt</a>)
184<p>This is a python script that generates java, python, and C# wrappers for
185<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a>.  A set of wrappers for
186cryptlib 3.1 is included in the .zip file.  The python and C# wrappers are also included in the latest cryptlib distribution.
187<br>
188<a name="cryptoID">
189<H2><a href="cryptoID/">CryptoIDs</a></H2>
190<b>Paper 1:</b> Public Key Distribution through "cryptoIDs" (<a href="cryptoID/cryptoID.pdf">.pdf</a>, <a href="cryptoID/cryptoID.html">.html</a>) <i>(presented at <a href="http://www.nspw.org/2003/">NSPW 2003</a>)</i><br>
191<b>Paper 2:</b> The CryptoID Key Management Protocols (<a href="cryptoID/cryptoID2.pdf">.pdf</a>) <i>(the best introduction)</i><br>
192<b>Schema:</b>  XML Schema for &lt;certChain&gt; (<a href="cryptoID/cryptoID.xsd">.xsd</a>)<br>
193<b>Code:</b>  CryptoIDlib Python and Java library and command-line tool v0.1.8 (<a href="cryptoID/cryptoIDlib-0.1.8.zip">.zip</a>, <a href="cryptoID/readme.txt">readme.txt</a>)
194<p>PKI isn't working for person-to-person communications.  Few people use
195secure email, voice, instant-messaging, or anything else.
196<p>CryptoIDs are an alternative.  The idea is for people to exchange small,
197user-friendly fingerprints (aka "cryptoIDs") like 'cyhf4.9ajd8.kbdx4.rk98c'.
198These could be passed around and stored in address books as if they were phone
199numbers or postal addresses.
200<p>The cryptoID for each user would correspond to that user's <i>root key</i>.
201The user would keep his root key in a safe place - his employer or
202some commercial service might hold it for him.  The rootholder would operate
203an online service which would issue short-lived <i>subkey certificates</i> or <i>validation signatures</i> to the user.
204<p>CryptoIDs, then, are about combining <i>fingerprint-based public-key distribution</i> with
205<i>certificate-based private-key management</i>.  The first paper above presents the
206cryptoID fingerprint and certificate formats, which are designed specifically for
207this.  CryptoIDlib lets you test-drive these formats.
208<p>The second paper presents private-key management protocols for use with online servers.
209Support for these is being added to cryptoIDlib.
210
211<a name="tls_lite">
212<H2><a href="tls_lite/">TLS Lite</a></H2>
213<b>Code:</b> tls_lite python library v0.1.8 (<a href="tls_lite/tls_lite-0.1.8.zip">.zip</a>, <a href="tls_lite/readme.txt">readme.txt</a>)<br>
214<p>
215TLS Lite is a free python library that implements SSL 3.0 and <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0</a>.
216TLS Lite supports non-traditional authentication methods such as <a href="http://trevp.net/tls_srp/index.html">SRP</a>,
217<a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-sharedkeys-02.txt">shared keys</a>,
218and <a href="http://trevp.net/cryptoID/index.html">cryptoIDs</a>, in addition to X.509 certificates.  TLS Lite is pure
219<a href="http://www.python.org">Python</a>, however it can access <a href="http://www.openssl.org/">OpenSSL</a> or
220<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a> for faster crypto operations.
221
222<a name="tlssrp">
223<H2><a href="tls_srp/">TLS/SRP</a></H2>
224<b>Internet-Draft:</b>  Using SRP for TLS Authentication (<a href="tls_srp/draft-ietf-tls-srp-06.txt">.txt</a>, <a href="tls_srp/draft-ietf-tls-srp-06.html">.html</a>)
225<p><a href="http://srp.stanford.edu">SRP</a> is the best way to do password authentication
226across a network.  <a href="http://www.ietf.org/html.charters/tls-charter.html">TLS</a> (aka SSL v3.1)
227is the best way to do channel security.  What could go better together?
228<p>This draft modifies the TLS handshake to use SRP.  This combination of
229password-based mutual authentication and the TLS record layer is
230ideal for protecting protocols like POP3 and HTTP.
231
232<a name="dss">
233<H2>DSS</H2>
234<b>Requirements:</b>  DSS Use Case Requirements Analysis (<a href="dss/oasis-dss-1.0-requirements-wd-12.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-requirements-wd-12.doc">.doc</a>)<br>
235<b>Specification Working Draft:</b> Digital Signature Service Core Protocol and Elements (<a href="dss/oasis-dss-1.0-core-spec-wd-10.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-core-spec-wd-10.doc">.doc</a>)<br>
236<b>Schema Working Draft:</b> oasis-dss-1.0-core-schema-wd-10 (<a href="dss/oasis-dss-1.0-core-schema-wd-10.xsd">.xsd</a>)<br>
237<b>Somewhat Related Paper:</b> Delegated Cryptography, Online Trusted Third Parties, and PKI
238(<a href="delegatedCrypto/delegatedCrypto.pdf">.pdf</a>, <a href="delegatedCrypto/delegatedCrypto.html">.html</a>)<br>
239<i>(presented at the <a href="http://www.cs.dartmouth.edu/~pki02/">1st Annual PKI Research Workshop</a>)</i>
240<p>The <a href="http://www.oasis-open.org/">OASIS</a> <a href="http://www.oasis-open.org/committees/dss/">Digital Signature Service Technical Committee</a>
241is designing protocols for signing, verifying, and
242time-stamping of XML documents and other data.  The idea is to perform these
243operations on servers, thus freeing clients from having to manage private
244keys, calculate certificate paths, and so on.
245<p>Also listed is a paper arguing for the server-based approach vs. client-side PKI.
246
247<a name="cryptoURL">
248<H2>CryptoURLs</H2>
249<b>Draft of potential Internet-Draft:</b> The "crypto" URL scheme (<a href="cryptoURL/draft-ietf-cryptoURL-01.txt">.txt</a>, <a href="cryptoURL/draft-ietf-cryptoURL-01.html">.html</a>)<br>
250<p>
251CryptoURLs add "crypto metadata" like content hashes and key fingerprints to normal URLs.
252The resulting URLs are <a href="http://zooko.com/distnames.html">self-authenticating</a>,
253like <a href="http://citeseer.nj.nec.com/mazieres99separating.html">SFS file names</a> or
254<a href="http://research.microsoft.com/users/tuomaura/CGA/">Cryptographically Generated Addresses</a>.
255These could be useful in:
256<dir>
257<LI>web pages:
258  <dir>
259  <LI>a page could link to software binaries and include their hash
260  <LI>a portal could provide secure introductions to a community of sites
261  </dir>
262<LI>XML documents (e.g. extending an <a href="http://www.w3.org/TR/xmldsig-core/">XML-DSIG</a> over external references)
263<LI>protocols (e.g. HTTP Redirects or LDAP Referrals)
264<LI>software configuration (you could configure a client with the address and fingerprint of a server in one step)
265</dir>
266<a href="http://www.waterken.com/dev/YURL/">YURLs</a> are another approach to self-authenticating URLs.
267
268<a name="cryptlibConverter">
269<H2><a href="cryptlibConverter/">CryptlibConverter</a></H2>
270<b>Code:</b>  Version 5 for cryptlib 3.1 (<a href="cryptlibConverter/cryptlibConverter5_cl31.zip">.zip</a>, <a href="cryptlibConverter/readme.txt">readme.txt</a>)
271<p>This is a python script that generates java, python, and C# wrappers for
272<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a>.  A set of wrappers for
273cryptlib 3.1 is included in the .zip file.  The python and C# wrappers are also included in the latest cryptlib distribution.
274<br>
275<a name="cryptoID">
276<H2><a href="cryptoID/">CryptoIDs</a></H2>
277<b>Paper 1:</b> Public Key Distribution through "cryptoIDs" (<a href="cryptoID/cryptoID.pdf">.pdf</a>, <a href="cryptoID/cryptoID.html">.html</a>) <i>(presented at <a href="http://www.nspw.org/2003/">NSPW 2003</a>)</i><br>
278<b>Paper 2:</b> The CryptoID Key Management Protocols (<a href="cryptoID/cryptoID2.pdf">.pdf</a>) <i>(the best introduction)</i><br>
279<b>Schema:</b>  XML Schema for &lt;certChain&gt; (<a href="cryptoID/cryptoID.xsd">.xsd</a>)<br>
280<b>Code:</b>  CryptoIDlib Python and Java library and command-line tool v0.1.8 (<a href="cryptoID/cryptoIDlib-0.1.8.zip">.zip</a>, <a href="cryptoID/readme.txt">readme.txt</a>)
281<p>PKI isn't working for person-to-person communications.  Few people use
282secure email, voice, instant-messaging, or anything else.
283<p>CryptoIDs are an alternative.  The idea is for people to exchange small,
284user-friendly fingerprints (aka "cryptoIDs") like 'cyhf4.9ajd8.kbdx4.rk98c'.
285These could be passed around and stored in address books as if they were phone
286numbers or postal addresses.
287<p>The cryptoID for each user would correspond to that user's <i>root key</i>.
288The user would keep his root key in a safe place - his employer or
289some commercial service might hold it for him.  The rootholder would operate
290an online service which would issue short-lived <i>subkey certificates</i> or <i>validation signatures</i> to the user.
291<p>CryptoIDs, then, are about combining <i>fingerprint-based public-key distribution</i> with
292<i>certificate-based private-key management</i>.  The first paper above presents the
293cryptoID fingerprint and certificate formats, which are designed specifically for
294this.  CryptoIDlib lets you test-drive these formats.
295<p>The second paper presents private-key management protocols for use with online servers.
296Support for these is being added to cryptoIDlib.
297
298<a name="tls_lite">
299<H2><a href="tls_lite/">TLS Lite</a></H2>
300<b>Code:</b> tls_lite python library v0.1.8 (<a href="tls_lite/tls_lite-0.1.8.zip">.zip</a>, <a href="tls_lite/readme.txt">readme.txt</a>)<br>
301<p>
302TLS Lite is a free python library that implements SSL 3.0 and <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0</a>.
303TLS Lite supports non-traditional authentication methods such as <a href="http://trevp.net/tls_srp/index.html">SRP</a>,
304<a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-sharedkeys-02.txt">shared keys</a>,
305and <a href="http://trevp.net/cryptoID/index.html">cryptoIDs</a>, in addition to X.509 certificates.  TLS Lite is pure
306<a href="http://www.python.org">Python</a>, however it can access <a href="http://www.openssl.org/">OpenSSL</a> or
307<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a> for faster crypto operations.
308
309<a name="tlssrp">
310<H2><a href="tls_srp/">TLS/SRP</a></H2>
311<b>Internet-Draft:</b>  Using SRP for TLS Authentication (<a href="tls_srp/draft-ietf-tls-srp-06.txt">.txt</a>, <a href="tls_srp/draft-ietf-tls-srp-06.html">.html</a>)
312<p><a href="http://srp.stanford.edu">SRP</a> is the best way to do password authentication
313across a network.  <a href="http://www.ietf.org/html.charters/tls-charter.html">TLS</a> (aka SSL v3.1)
314is the best way to do channel security.  What could go better together?
315<p>This draft modifies the TLS handshake to use SRP.  This combination of
316password-based mutual authentication and the TLS record layer is
317ideal for protecting protocols like POP3 and HTTP.
318
319<a name="dss">
320<H2>DSS</H2>
321<b>Requirements:</b>  DSS Use Case Requirements Analysis (<a href="dss/oasis-dss-1.0-requirements-wd-12.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-requirements-wd-12.doc">.doc</a>)<br>
322<b>Specification Working Draft:</b> Digital Signature Service Core Protocol and Elements (<a href="dss/oasis-dss-1.0-core-spec-wd-10.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-core-spec-wd-10.doc">.doc</a>)<br>
323<b>Schema Working Draft:</b> oasis-dss-1.0-core-schema-wd-10 (<a href="dss/oasis-dss-1.0-core-schema-wd-10.xsd">.xsd</a>)<br>
324<b>Somewhat Related Paper:</b> Delegated Cryptography, Online Trusted Third Parties, and PKI
325(<a href="delegatedCrypto/delegatedCrypto.pdf">.pdf</a>, <a href="delegatedCrypto/delegatedCrypto.html">.html</a>)<br>
326<i>(presented at the <a href="http://www.cs.dartmouth.edu/~pki02/">1st Annual PKI Research Workshop</a>)</i>
327<p>The <a href="http://www.oasis-open.org/">OASIS</a> <a href="http://www.oasis-open.org/committees/dss/">Digital Signature Service Technical Committee</a>
328is designing protocols for signing, verifying, and
329time-stamping of XML documents and other data.  The idea is to perform these
330operations on servers, thus freeing clients from having to manage private
331keys, calculate certificate paths, and so on.
332<p>Also listed is a paper arguing for the server-based approach vs. client-side PKI.
333
334<a name="cryptoURL">
335<H2>CryptoURLs</H2>
336<b>Draft of potential Internet-Draft:</b> The "crypto" URL scheme (<a href="cryptoURL/draft-ietf-cryptoURL-01.txt">.txt</a>, <a href="cryptoURL/draft-ietf-cryptoURL-01.html">.html</a>)<br>
337<p>
338CryptoURLs add "crypto metadata" like content hashes and key fingerprints to normal URLs.
339The resulting URLs are <a href="http://zooko.com/distnames.html">self-authenticating</a>,
340like <a href="http://citeseer.nj.nec.com/mazieres99separating.html">SFS file names</a> or
341<a href="http://research.microsoft.com/users/tuomaura/CGA/">Cryptographically Generated Addresses</a>.
342These could be useful in:
343<dir>
344<LI>web pages:
345  <dir>
346  <LI>a page could link to software binaries and include their hash
347  <LI>a portal could provide secure introductions to a community of sites
348  </dir>
349<LI>XML documents (e.g. extending an <a href="http://www.w3.org/TR/xmldsig-core/">XML-DSIG</a> over external references)
350<LI>protocols (e.g. HTTP Redirects or LDAP Referrals)
351<LI>software configuration (you could configure a client with the address and fingerprint of a server in one step)
352</dir>
353<a href="http://www.waterken.com/dev/YURL/">YURLs</a> are another approach to self-authenticating URLs.
354
355<a name="cryptlibConverter">
356<H2><a href="cryptlibConverter/">CryptlibConverter</a></H2>
357<b>Code:</b>  Version 5 for cryptlib 3.1 (<a href="cryptlibConverter/cryptlibConverter5_cl31.zip">.zip</a>, <a href="cryptlibConverter/readme.txt">readme.txt</a>)
358<p>This is a python script that generates java, python, and C# wrappers for
359<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a>.  A set of wrappers for
360cryptlib 3.1 is included in the .zip file.  The python and C# wrappers are also included in the latest cryptlib distribution.
361<br>
362<a name="cryptoID">
363<H2><a href="cryptoID/">CryptoIDs</a></H2>
364<b>Paper 1:</b> Public Key Distribution through "cryptoIDs" (<a href="cryptoID/cryptoID.pdf">.pdf</a>, <a href="cryptoID/cryptoID.html">.html</a>) <i>(presented at <a href="http://www.nspw.org/2003/">NSPW 2003</a>)</i><br>
365<b>Paper 2:</b> The CryptoID Key Management Protocols (<a href="cryptoID/cryptoID2.pdf">.pdf</a>) <i>(the best introduction)</i><br>
366<b>Schema:</b>  XML Schema for &lt;certChain&gt; (<a href="cryptoID/cryptoID.xsd">.xsd</a>)<br>
367<b>Code:</b>  CryptoIDlib Python and Java library and command-line tool v0.1.8 (<a href="cryptoID/cryptoIDlib-0.1.8.zip">.zip</a>, <a href="cryptoID/readme.txt">readme.txt</a>)
368<p>PKI isn't working for person-to-person communications.  Few people use
369secure email, voice, instant-messaging, or anything else.
370<p>CryptoIDs are an alternative.  The idea is for people to exchange small,
371user-friendly fingerprints (aka "cryptoIDs") like 'cyhf4.9ajd8.kbdx4.rk98c'.
372These could be passed around and stored in address books as if they were phone
373numbers or postal addresses.
374<p>The cryptoID for each user would correspond to that user's <i>root key</i>.
375The user would keep his root key in a safe place - his employer or
376some commercial service might hold it for him.  The rootholder would operate
377an online service which would issue short-lived <i>subkey certificates</i> or <i>validation signatures</i> to the user.
378<p>CryptoIDs, then, are about combining <i>fingerprint-based public-key distribution</i> with
379<i>certificate-based private-key management</i>.  The first paper above presents the
380cryptoID fingerprint and certificate formats, which are designed specifically for
381this.  CryptoIDlib lets you test-drive these formats.
382<p>The second paper presents private-key management protocols for use with online servers.
383Support for these is being added to cryptoIDlib.
384
385<a name="tls_lite">
386<H2><a href="tls_lite/">TLS Lite</a></H2>
387<b>Code:</b> tls_lite python library v0.1.8 (<a href="tls_lite/tls_lite-0.1.8.zip">.zip</a>, <a href="tls_lite/readme.txt">readme.txt</a>)<br>
388<p>
389TLS Lite is a free python library that implements SSL 3.0 and <a href="http://www.ietf.org/rfc/rfc2246.txt">TLS 1.0</a>.
390TLS Lite supports non-traditional authentication methods such as <a href="http://trevp.net/tls_srp/index.html">SRP</a>,
391<a href="http://www.ietf.org/internet-drafts/draft-ietf-tls-sharedkeys-02.txt">shared keys</a>,
392and <a href="http://trevp.net/cryptoID/index.html">cryptoIDs</a>, in addition to X.509 certificates.  TLS Lite is pure
393<a href="http://www.python.org">Python</a>, however it can access <a href="http://www.openssl.org/">OpenSSL</a> or
394<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a> for faster crypto operations.
395
396<a name="tlssrp">
397<H2><a href="tls_srp/">TLS/SRP</a></H2>
398<b>Internet-Draft:</b>  Using SRP for TLS Authentication (<a href="tls_srp/draft-ietf-tls-srp-06.txt">.txt</a>, <a href="tls_srp/draft-ietf-tls-srp-06.html">.html</a>)
399<p><a href="http://srp.stanford.edu">SRP</a> is the best way to do password authentication
400across a network.  <a href="http://www.ietf.org/html.charters/tls-charter.html">TLS</a> (aka SSL v3.1)
401is the best way to do channel security.  What could go better together?
402<p>This draft modifies the TLS handshake to use SRP.  This combination of
403password-based mutual authentication and the TLS record layer is
404ideal for protecting protocols like POP3 and HTTP.
405
<a name="dss"></a>
<H2>DSS</H2>
<b>Requirements:</b>  DSS Use Case Requirements Analysis (<a href="dss/oasis-dss-1.0-requirements-wd-12.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-requirements-wd-12.doc">.doc</a>)<br>
<b>Specification Working Draft:</b> Digital Signature Service Core Protocol and Elements (<a href="dss/oasis-dss-1.0-core-spec-wd-10.pdf">.pdf</a>, <a href="dss/oasis-dss-1.0-core-spec-wd-10.doc">.doc</a>)<br>
<b>Schema Working Draft:</b> oasis-dss-1.0-core-schema-wd-10 (<a href="dss/oasis-dss-1.0-core-schema-wd-10.xsd">.xsd</a>)<br>
<b>Somewhat Related Paper:</b> Delegated Cryptography, Online Trusted Third Parties, and PKI
(<a href="delegatedCrypto/delegatedCrypto.pdf">.pdf</a>, <a href="delegatedCrypto/delegatedCrypto.html">.html</a>)<br>
<i>(presented at the <a href="http://www.cs.dartmouth.edu/~pki02/">1st Annual PKI Research Workshop</a>)</i>
<p>The <a href="http://www.oasis-open.org/">OASIS</a> <a href="http://www.oasis-open.org/committees/dss/">Digital Signature Service Technical Committee</a>
is designing protocols for signing, verifying, and
time-stamping of XML documents and other data.  The idea is to perform these
operations on servers, thus freeing clients from having to manage private
keys, calculate certificate paths, and so on.
<p>Also listed is a paper arguing for the server-based approach vs. client-side PKI.

<a name="cryptoURL"></a>
<H2>CryptoURLs</H2>
<b>Draft of potential Internet-Draft:</b> The "crypto" URL scheme (<a href="cryptoURL/draft-ietf-cryptoURL-01.txt">.txt</a>, <a href="cryptoURL/draft-ietf-cryptoURL-01.html">.html</a>)<br>
<p>
CryptoURLs add "crypto metadata" like content hashes and key fingerprints to normal URLs.
The resulting URLs are <a href="http://zooko.com/distnames.html">self-authenticating</a>,
like <a href="http://citeseer.nj.nec.com/mazieres99separating.html">SFS file names</a> or
<a href="http://research.microsoft.com/users/tuomaura/CGA/">Cryptographically Generated Addresses</a>.
These could be useful in:
<dir>
<LI>web pages:
  <dir>
  <LI>a page could link to software binaries and include their hash
  <LI>a portal could provide secure introductions to a community of sites
  </dir>
<LI>XML documents (e.g. extending an <a href="http://www.w3.org/TR/xmldsig-core/">XML-DSIG</a> over external references)
<LI>protocols (e.g. HTTP Redirects or LDAP Referrals)
<LI>software configuration (you could configure a client with the address and fingerprint of a server in one step)
</dir>
<a href="http://www.waterken.com/dev/YURL/">YURLs</a> are another approach to self-authenticating URLs.

<a name="cryptlibConverter"></a>
<H2><a href="cryptlibConverter/">CryptlibConverter</a></H2>
<b>Code:</b>  Version 5 for cryptlib 3.1 (<a href="cryptlibConverter/cryptlibConverter5_cl31.zip">.zip</a>, <a href="cryptlibConverter/readme.txt">readme.txt</a>)
<p>This is a Python script that generates Java, Python, and C# wrappers for
<a href="http://www.cs.auckland.ac.nz/~pgut001/cryptlib/">cryptlib</a>.  A set of wrappers for
cryptlib 3.1 is included in the .zip file.  The Python and C# wrappers are also included in the latest cryptlib distribution.
<br>
<br>
<br>
</body>
</html>