One-Time Password Specifications (OTPS): Overview, Workshop Agenda, and Process DRAFT – 18 May 2005

OTPS Overview

• •

OTPS announced February 2005 Six drafts now posted for review and discussion, addressing different aspects of OTP processing:

— CT-KIP: Cryptographic Token Initialization Protocol — OTP-PKCS #11: PKCS #11 Mechanisms for One-Time Password Tokens — OTP-CAPI: Microsoft ® CryptoAPI Profile for One-Time Password Tokens — EAP-POTP: The Protected One-Time Password EAP Method — OTP-WSS-Token: Web Services Security One-Time Password Token Profile — OTP-ValidationService • Workshop objective: progress documents towards consensus — Consider for standards contributions where and as appropriate

Draft Workshop Agenda: Day 1

• • • • 1000-1030: Participant introductions, agenda review 1030-1040: OTPS process overview 1040-1200: OTP-PKCS #11 and OTP-CAPI 1200-1300: Lunch • • • 1300-1400: EAP-POTP 1400-1430: CT-KIP 1430-1500: Break • 1500-1700: OTP-WSS-Token and OTP-ValidationService

Draft Workshop Agenda: Day 2

• • • • 0900-1045: Continuation discussion and/or other OTPS topics as needed 1045-1100: Break 1100-1200: Suggestions and next steps 1200-1300: Lunch

OTPS Participation and Process

• • • Materials and information available at http://www.rsasecurity.com/rsalabs/otps Analogous to PKCS process, participation is open to anyone, independent of affiliation; no membership or agreements required — At workshops — On mailing list (to join, "subscribe otps" in email message body to [email protected]

) Guidelines posted on web page for formal contributions (i.e., new proposals or items, beyond comments and discussions) — Recent change clarifies derivative work rights to purposes of OTPS process and contributions to other forums