Summary of GNOMIS meeting November 1-2 2001 =========================================== (Written by: Ingrid Melve, UNINETT AS) November 1-2 in Hurdal, Norway, 40 representatives from universitites and academic networks in Norway, Sweden and Finland met to discuss ongoing authentication and authorization projects and exchange information. In Finland the FEIDHE project is focussed on testing smart card support for applications like SSL, NetLogin, ssh, Kerberos. The FINEID (public smart card ID, issueable to all Finns) as well as in-house Certification Authorities are being tested for interoperability, useability and cost/benefit in a large scale test involving 750 users. Focus is on replacing username/password with public key encryption supported on smart cards. 9 pilots are working on testing and implementation, a report is expected by end of March 2002. In Sweden the SwUPKI project has put in place a CA for software server certificates of medium strength, available for Swedish universities when they build their access controled services. In Norway the FEIDE project looks at both user management, authentication/authorization and replacing username/password with public key encryption; all this for integrated services in and between universities and colleges in Norway. There was universal agreement that a condition for building a better access control system, is first to clean up the user managment system. User management systems administrate the rights and roles for each user which for the basics for authorization and authentication. Given the timelines involved for the various activities, it was agreed that another meeting to present results and discuss further work would take place adjecent to the NORDUnet conference in April (April 15-17, Copenhagen). A mailinglist gnomis@uninett.no is to be established, subscribe to gnomis-request@uninett.no The mailinglist is for discussions of authentication and authorization. The participants agreed to supply summaries of project information and technical information in English, to facilitiate the review of ideas and exchange of software, configuration and solutions. Information on testing performed is to be posted to the mailinglist, to help from doing the same tests over and over. Modelling of user management databases is something several parties are doing, there is a potential for further cooperation. More information is available from http://www.uninett.no/info/seminar/gnomis/ together with the presentations from the symposium.