FYI: ABA ISC Meeting Notice

[Warwick Ford <WFord@xxxxxxxxxxxx>]

For the information of list subscribers...

========================================================================
PRELIMINARY MEETING NOTICE
========================================================================

Please correspond with:

Michael S. Baum, Esq. 
1390 Shorebird Way 
Mountain View, CA  94043 
v: 650.429.3444 
f: 650.961.7300 
e: michael@verisign.com 

Dear Committee Member and Prospective Members: 

You are cordially invited to participate in a meeting of the Information
Security Committee, Section of Science & Technology, American Bar
Association, on 14-16 January 1999 (Thursday through Saturday) in Redwood
Shores, CA. Our meeting immediately precedes the RSA Cryptography Conference
which begins in San Jose, CA on the 17th. The Oracle Corporation has
graciously agreed to sponsor this meeting at the Hotel Sofitel.  Special
thanks to Oracle VP Kate McGee, Esq. for her greatly appreciated efforts,
and thanks as well to corporate sponsorship from Compaq and Datum. Also, an
open meeting to consider the content of PKIX Part 4 (regarding certificate
policy) will be held on Sunday morning, January 17th at the San Jose
Fairmont Hotel.
The Committee will continue its advancement of public key infrastructure
legal and control issues, and will include further work on CA
evaluation/accreditation, commercial key recovery guidelines, PKI
evidentiary issues, certificate policy, and user liability, among other
matters.
Consistent with Section policy, ISC meeting participants must be members of
both the ABA and the ABA Section of Science and Technology. Please contact
Ann Kowalsky, Manager for the Section of Science & Technology, at ABA
headquarters in Chicago by phone: 312.988.5599, fax: 312.988.5628, or
<sciencetech@abanet.org> for membership information. You can become a paid
member of the ABA and the ISC at this meeting. An ABA associate membership
is available for non-lawyers. 
Meeting details appear below. I look forward to seeing you in Redwood
Shores. 
Sincerely, 

Michael S. Baum 
Chair, Information Security Committee
Section of Science & Technology, ABA 
--------------- 

INFORMATION SECURITY COMMITTEE
Section of Science & Technology, ABA
January 14-16, 1999

Proposed Agenda (in extended sessions, take breaks as needed) 
     14 January 1999 -- Thursday 
     0830 - 0900 Greetings, coffee, administrative matters (note: all times
are PST) 
     0900 - 0930 Introductions, meeting logistics, general announcements 
     0930 - 1030 Working Group updates 
     1030 - 1200 WG breakouts 
     1200 - 1300 Lunch speakers: 
Kate McGee, Esq., Oracle Corporation - Sponsor Welcome
Dan Cooperman, Esq., Sr. VP, General Counsel and Secretary, Oracle
Corporation
Topic: Enabling the Information Age Through Internet Computing
Debra Chong, Esq.
                            Topic: ABA Standing Committee on Technology and
Information Systems (SCOTIS)

     1300 - 1700 WG breakouts 
     1700 - ???? Watering hole discussions; possible continuation of WG
meetings 
     
     15 January 1999 -- Friday 
     0830 - 0900 Greetings, coffee, administrative matters 
     0900 - 0930 Updates -- logistics, administrative, WG related, etc.
     0930 - 1200 WG breakouts 
     1200 - 1300 Lunch speakers: 
Dave Billeter, Esq., State of WA, Bill Ferguson, CEO Arundel Consulting,
Gary Stoneburner, NIST
Topic: Establishing Trustworthy System Standards for CAs: Considering the
Value of CS2, ECMA, & ITSEC Standards in a PKI Environment
     1300 - 1700 WG breakouts 
     1700 - ???? Watering hole discussions; possible continuation of WG
meetings 
     16 January 1999 -- Saturday 
     0830 - 0900 Greetings, coffee, administrative matters 
     0900 - 0930 Updates -- logistics, administrative, WG related, etc. 
     0930 - 1130 WG breakouts 
     1130 - 1230 Lunch speakers: 
Parker Foley, VP of E-Comm., First Union Bank and Kevin Coleman, KPMG
Topic: Building a PKI Designed to Provide Enterprise-Wide CA and Digital
Certificate Services to the Bank's Business Units and Customers
Jim Wayman, Ph.D., Director National Biometric Test Center
Topic: The Implications of Biometrics on the Evaluation of PKIs
     1230 - 1300 Close & Path Forward 
     17 January 1999 -- Sunday (Open Meeting)
     0900 - 1200 PKIX Part 4 - Discussion with Santosh Chokani, Ph.D., and
Warwick Ford, Ph.D.
An open meeting to discuss an update of the PKIX CP/CPS Framework, in light
of more recent work by the ABA ISC, NACHA, and others. 
Location: the Crystal Room of the Fairmont Hotel in San Jose, CA.
Additional proposed agenda items, and speakers should be emailed to Michael
Baum <michael@verisign.com>.
Information Security Committee - Redwood Shores, CA
Electronic Commerce Division, Section of Science and Technology
MEETING DETAILS
January 14-16, 1999  (Thursday-Saturday)

Members are urged to participate in one of the work groups that will be
presenting/meeting during the ISC's meeting. Please contact Ruven Schwartz,
Esq. <Ruven.Schwartz@westgroup.com> for further information. 


**Accreditation Working Group 
Contacts:	Charlie Merrill, Esq. <cmerrill@concentric.net>
		Randy Sabett, Esq. <rsabett@spyrus.com>
		Lynn McNulty <lynn.mcnulty@internetmci.com> 

The current draft of the "PKI Evaluation Guidelines" dated December 7, 1998
(220 pages, 700K bytes) is posted on the individually passworded website at
<http://gsulaw.gsu.edu/gsuecp/isclawg/>. This project has attracted huge
amounts of legal and technical PKI talent, expertise and interest, and there
is a strong feeling that the work can be released for public comment by Q3
'99. E-mail to Chas Merrill <cmerrill@concentric.net> if you are planning on
working on this project at the January meeting and do not yet have a
username/password from Todd Vincent at GSU Law School. Additional material
and assignments will be posted on the passworded website shortly before the
January ISC meeting, reflecting some editorial meetings scheduled between
now and the ISC meeting. 


**Audit and Controls Working Group 
Contact: 	Kevin Coleman, CPA <kcoleman@kpmg.com>
	Charles LeGrand, CPA <clegrand@theiia.org>
	Gene Ozgar, CPA <gozgar@kpmg.com>
The Audit and Controls Working Group will continue to focus on the
requirements for the audit of certificate authorities, defining the audit
scope, model audit program, extent of test work and form of reporting. The
primary focus of the working group includes drafting of a model audit
program guide as a supplement to the PKI Evaluation Guidelines (PEG). Any
individuals with an interest or knowledge of important areas for audit
consideration are welcomed to assist.

**Certificate Services Agreements Working Group 
Contacts: 	Kevin O'Neill, Esq. <koneill@spyrus.com>
	Stephen Wu, Esq. <swu@verisign.com>
The Certification Services Agreements Work Group has begun writing
"Certification Services Agreements," which is an outgrowth of the ISC's
accreditation and certificate policies activity. The purpose of
"Certification Services Agreements" is to assist the authors of a
certificate policy definition, certification practice statement, subscriber
agreement, relying party agreement, or other agreement relating to
certification services by providing model forms and a menu of alternative
legal wording for use in particular clauses of such documents. The document
will include comments and annotations to the PEG. At the Seattle meeting,
the group reviewed its document drafting plan, and continued the drafting
process. At this meeting, the group will review the materials submitted
during and after the Seattle meeting and will continue its drafting work.


**Digital Signatures Laws & Regulations Working Group
Contacts:	Kenneth Allen, Esq. <brsec.kallen@email.state.ut.us>
		Dan Greenwood, Esq. <DGreenwood@state.ma.us>
		Dave Danner, Esq. <davidd@dis.wa.gov>

The Legislative and Regulatory Working Group will contribute from a public
law perspective to the drafting of the PKI Evaluation Guidelines and will
meet to discuss recent state government activities and developments
regarding electronic commerce and digital signatures. 


**Evidentiary Working Group 
Contacts:	Gary Fresen, Esq. <gary.w.fresen@bakernet.com>

The Evidentiary Work Group will provide an evidentiary and litigator's
review to the PEG legal section at the next meeting.


**Global Trade and Comparative Law Working Group 
Contacts: 	Joseph Alhadeff, Esq. <jalhadeff@uscib.org>
William Kennair, Esq. <kennair@johnvenn.co.uk>
Suzanne Thibodeau, Esq. <thibodsu@notarius.com>
	
The Global Notices and Comparative Law Work Group will advance standard
notices, disclosures and warnings for certificates and end-user PKI-oriented
products and services as a way of facilitating trade over secure global
infrastructures.


**Key Recovery Working Group (KRWG)
Contacts:	Emily Frye, Esq. <emilyfrye@ibm.net> 
		Dwight Olson, Esq. <dolson@dsiescrow.com> 
		Randy Sabett, Esq. <rsabett@spyrus.com>

The Key Recovery Working Group monitors key recovery initiatives,
legislation, and business models domestically and internationally. Work at
the January meeting will focus on defining key recovery stakeholders in a
joint project with the Key Recovery Alliance, as well as on assessing
whether a long-standing legislative resolution should continue to be
advanced by the ISC.  New work initiatives may include legal analysis and
drafting to meet notice requirements in key recovery implementations.


**Liability Working Group 
Contacts:	Maureen Adamache, Esq. <rmadama@magi.com> 
		Elise Reed, Esq. <ereed@oldrepnatl.com>

The Liability Work Group will focus its work at this meeting on the
advancement of the PKI Evaluation Guidelines.


**Reciprocity Task Group
Contacts: 	David Billeter, Esq. <billeter@secstate.wa.gov>
		Joe Alhadeff, Esq. < jalhadeff@uscib.org>

The Reciprocity Task Group will review and further consider the draft Model
Reciprocity Standards and Agreement. These documents will provide guidelines
for the inter-governmental recognition of foreign-licensed certification
authorities and will also provide private sector-generated solutions in the
form of guidelines and contract terms -which help companies obtain legal
recognition for their acts in foreign jurisdictions.

Logistics - ISC Meeting  (January 14-16, 1999)

Attire for the meeting: casual

First-time participants planning to attend the January 14-16 meeting: 
Please contact Ruven Schwartz, ISC ViceChair, at 651-687-8095 or
Ruven.Schwartz@westgroup.com for any questions, and to coordinate
work-product contributions for the upcoming meeting. 

ISC Meeting Location:
Sofitel Hotel, Redwood Shores, California

Meals and Fees: 
TBD

Lodging: 
The Hotel Sofitel in Redwood Shores is the site for the entire meeting (Jan.
14-16) and is clearly the most convenient hotel. A block of rooms has been
reserved by Oracle, our meeting's sponsor. Please tell the reservationist
that you are with the ABA/Information Security Committee and the rooms were
reserved by Oracle Corporation.  Rooms are available from the evening of the
13th of January at $155/night.  This rate will be available at least through
23 December of 1998.  Information about this Sofitel can be found online at
<www.sofitel.com>.

SOFITEL SAN FRANCISCO BAY 
223 Twin Dolphin Drive
Redwood City, CA  94065
Manager: Mr. Stephanie Ryan 
Concierge: Raymond Huang 
Phone: (650) 598 9000
Fax: (650) 598 0459

RSVP: 
Please confirm your intention to participate to Ann Kowalsky, Section Mgr.,
Section of Science and Technology <sciencetech@abanet.org> as soon as
possible.


Logistics - Open Meeting re: PKIX  Part IV (Sunday 17 January 1999, 9a.m. --
Noon)
The Crystal Room, Fairmont Hotel, San Jose, CA (Adjacent to the Convention
Center).  Brunch will be served.

FAIRMONT HOTEL - SAN JOSE
170 South Market Street
San Jose, CA 95113
(408) 998-1900 
<www.fairmont.com>



See you in Redwood Shores and San Jose!
 

==============================================================