AD-Assurance Notes from May 3

Lee Amenya, UCSD
Mark Rank, UCSF 
Jeff Capehart, UFL 
Ron Thielen, UChicago 
David Walker, InCommon/Internet2 
Eric Goodman, UCOP

Next Call

May 10 at Noon ET
+1-734-615-7474 PREFERRED

Agenda: Discuss Questions for Microsoft with Microsoft (tentative)

Action Items

  • David Walker will revise Questions for Microsoft later today. Please review by Tuesday, May 7 for call with Microsoft on Friday, May 10.
  • Ann to contact Dean to join us on May 10. Also suggest he include Tim Myers, Security Program Manager, Common Criteria and FIPS 140-2 Security Evaluations at Microsoft
  • Ann/David will develop some intro materials that summarizes the Assurance Program and upper level issues that the group has identified.


  • We have decided to close the open issue in the 2012 AD Silver Cookbook about passwords being unencrypted in memory.  We believe those IAP requirements apply to passwords in storage (e.g., disk storage), not memory.
  • Specific issues related to Questions for Microsoft, as well as a few background paragraphs, will be reflected in the next revision (later today).
  • No labels