• Introductions.
• Agenda bashing.
• Status reports.  AYSO, UCTrust Certification Repository, campus identity management systems.
• New applications for UCTrust.  The Effort Reporting System (ERS), UC Grid, Sakai, Human Resources training management system.  We'll spend most of our time with ERS.  See the attached ERS_and_UC_Trust.doc.
• Lunch.
• UCR's identity management system.
• UC's Identity Management Roadmap.  Everyone owes me their draft schedule by October 19.  See UC Identity Management Progress as of 10/20/2006.
• Management and Distribution of UCTrust Metadata.  See my electronic mail of 10/6/2006 (attached).

From:  David Walker <David.Walker@UCOP.EDU> Reply-To:  David Walker <David.Walker@UCOP.EDU> To:  UCIDMGMT-L@LISTSERV.UCOP.EDU Subject:  Ensuring the Validity and Correctness of UCTrust Security Information Date:  Fri, 6 Oct 2006 16:05:10 -0700

Everyone,

As promised, I've posted a proposal for managing UCTrust metadata and other security-related information at:

http://www.ucop.edu/irc/advtech/UCTrustWG/UCTrustSigning/UCTrustSigning-2006-10-06.html

We'll discuss it at our meeting on 10/24, but please send any comments you may have before then to the list.  For those of you who are so inclined, I've also collected the Perl scripts and GPG keyrings that are mentioned in that document, as well as a test case at:

http://www.ucop.edu/irc/advtech/UCTrustWG/UCTrustSigning/UCTrustSigning.tar.gz

They were developed under SuSE Linux 10.1, but I think they should be reasonably portable.  If you're familiar with Perl and GPG, please look this over to find the errors, operational difficulties, etc.  In particular, the GPG commands that verify digital signatures generate warnings about untrusted keys that I'd like to know how to eliminate.

David