Child pages
  • April 26, 2013
Skip to end of metadata
Go to start of metadata

AD-Assurance Notes from April 26

Michael Brogan, UWash 
Lee Amenya, UCSD
Mark Rank, UCSF 
Brian Arkills, UWash 
Jeff Capehart, UFL 
Ron Thielen, UChicago 
David Walker, InCommon/Internet2  
Ann West, InCommon/Internet2  

Next Call

May 3 at Noon ET
+1-734-615-7474 PREFERRED
+1-866-411-0013
0195240#

Tentative Call with MS : May 10

Agenda: Discuss Questions for Microsoft.

Action Items

  • Everyone to clarify Questions for Microsoft in preparation for a call with them, tentatively, May 10.
  • Ann to contact Dean to join us on May 10. Also suggest he include Tim Myers, Security Program Manager, Common Criteria and FIPS 140-2 Security Evaluations at Microsoft
  • Ann/David will develop some intro materials that summarizes the Assurance Program and upper level issues that the group has identified. 

Notes

  • Encouragement from the Technical Advisory Committee this week to consider "good enough" solutions.  
  • Questions
    • Review summary table and request verification. 
    • Memory storage of authn secret in scope for 4.2.3.4? 
    • What's the recommended/supported  BitLocker configuration for use with AD-DS?
    • Protected Channels - 4.2.3.6.1b - Gaps 
      • What does Secure Channel use? 
      • What's the impact of turning on the FIPS setting on all Domain Clients?
      •  RC4 HMAC encryption is not NIST or FIPS approved, and we would like to find out if it's comparable to those methodlogies that are.  Can you help with this? (Link to the AM risk assessment questions.) 
  • Ann/David will develop some intro materials that summarizes the Assurance Program and upper level issues that the group has identified. 
  • Next Call: Finalize questions for May 10 call (tentative). 
  • No labels