1 / 6

Project Moonshot update

Project Moonshot update. TF-EMC2 & TF-MNM 14 & 16 February 2011. Moonshot in a slide. There are many technologies for trust and identity; these tend to be application-specific; and inter-operability is awkward at best.

alyssa
Télécharger la présentation

Project Moonshot update

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Project Moonshot update TF-EMC2 & TF-MNM 14 & 16 February 2011

  2. Moonshot in a slide • There are many technologies for trust and identity; these tend to be application-specific; and inter-operability is awkward at best. • Wouldn’t it be nice if there was a single trust & identity technology for almost any application, that also scaled to the Internet? • Moonshot does this without inventing anything particularly new; it only combines existing deployed technologies in a novel way.

  3. Snapshot of the last 12 months • Jan 2010: Technical Feasibility Analysis • Feb 2010: Initial set of draft specs released • Mar 2010: Bar BoF @ IETF 77 • Jul 2010: Consensus to form WG @ IETF 78 • Sep 2010: 1st Moonshot developer meeting • Oct 2010: ABFAB chartered by IESG • Nov 2010: First ABFAB meeting @ IETF 79

  4. Specifications • Most of the technology specifications and related discussions have moved into the IETF ABFAB WG. • One of the remaining specifications (draft-howlett-radsec-knp) may be discussed at IETF 80. • The Key Negotiation Protocol (KNP) enables a RadSec client and server to use (GSS) EAP to authenticate each other (as EAP peer and authenticator), rather than (e.g.) X.509 certificates. • KNP should enable very large and self-organising AAA infrastructures for supporting Internet-scale identity & trust.

  5. Implementation • Implementation work mostly on track; approx 1 month delay in some components. • First major code delivery (EAP GSS library and GS2 SASL plug-in) for Moonshooting GSS and SASL applications is imminent. • Work on modifying other necessary core infrastructure is proceeding well. • JANET and SURFnet discussing areas of collaboration.

  6. Next six months • Greater focus on implementation • Port of GSS EAP library to Windows • Cross-platform client-based “Identity Selector” and “Identity Manager” • EAP Channel Bindings implementation in FreeRADIUS. • Everything packaged and shipping for Debian. • Second Moonshot meeting 24-25 March, Prague (open meeting, but please let Josh know). • Great demo planned for TNC. • KNP, delegation, and TLS/Moonshot integration are penciled in for Q3/Q4. • Some exciting announcements coming soon… 

More Related