You are viewing a plain text version of this content. The canonical link for it is here.
Posted to general@incubator.apache.org by Jan Willem Janssen <ja...@luminis.eu> on 2015/12/02 15:53:03 UTC
Re: [DISCUSS] OpenMiracl for Incubation
Hi,
> On 10 Nov 2015, at 10:29, Nick Kew <ni...@apache.org> wrote:
>
> On Tue, 2015-11-10 at 01:33 +0000, Nick Kew wrote:
>> I should like to propose that we consider OpenMiracl for incubation.
>
> This proposal is now at
> https://wiki.apache.org/incubator/OpenMiraclProposal
I’ve read the proposal with great interest, but am still curious about
what exactly is donated upon entering the incubator and what is
intended for future development in the Apache community. Can anybody
shed some light on this?
--
Met vriendelijke groeten | Kind regards
Jan Willem Janssen | Software Architect
+31 631 765 814
My world is revolving around INAETICS and Amdatu
Luminis Technologies B.V.
Churchillplein 1
7314 BZ Apeldoorn
+31 88 586 46 00
http://www.luminis-technologies.com
http://www.luminis.eu
KvK (CoC) 09 16 28 93
BTW (VAT) NL8169.78.566.B.01
Re: [DISCUSS] OpenMiracl for Incubation
Posted by Patrick Hilt <pa...@miracl.com>.
Hi Jan, thanks for your interest! :-)
To answer your question...
Already noted in the proposal for being donated is the baseline platform for Milagro, which, on a high level, consists of the following:
Milagro libraries and tools consisting of:
- Distributed Key Management platform and service API
- Distributed Key Management CLI
- Software Defined Distributed Security Module (SD-DSM) build platform
- Distributed Key Management Endpoints (software)
- Crypto application stacks (some more info below)
COMPLETED and production ready components contributed to the project include:
- M-Pin Authentication and distributed trust platform - delivering password-less 2FA (see below for some more context…)
* M-Pin-in-Mobile Client Libraries for iOS, Android and Windows Phone
* M-Pin-in-Javascript Libraries for Browsers
- Generic library for IoT cryptography (the crypto lib that’s at the core of basically all the components)
IN BETA DEVELOPMENT and to be completed with Apache:
- Distributed Key Management platform and service API
- Distributed Key Management CLI
- Software Defined Distributed Security Module (SD-DSM) build platform
- Distributed Key Management Endpoints (software)
IN ALPHA DEVELOPMENT and to be completed with Apache:
- M-Pin Secure Channel - delivering certificate-less TLS-PSK
- M-Pin Secure Channel libraries for Linux, other embedded and mobile OS
- Distributed Trust Authority Crypto App
- Cloud Encryption Gateway
There is some nuance to the above.
First, the M-Pin Auth Platform uses a 2 D-TA model (i.e. a model with two sources of distributed trust). That architecture is being refined to incorporate a 3 D-TA model for cryptographic and data residency / customer requirement reasons. This shouldn't have much of an impact but that development is ongoing. In essence, the M-Pin auth platform is the basis for and ultimately evolving into the Milagro platform. Just like the 2 D-TA M-Pin platform supports the M-Pin authentication crypto app stack, the Milagro platform is designed to support a number of crypto app stacks.
One of those is the Distributed Trust Authority crypto app which is essentially a way for any 3rd party to create a D-TA and publicly register it as a community or commercial D-TA and in turn enable crypto applications (like the M-Pin Platform) to obtain shares of keys from the D-TAs. We are investigating using the Ethereum platform to do this, but any suggestions would be welcome as we flesh out the details.
We also have an internal M-Pin Secure Channel work stream and we have an alpha version using the 2 D-TA model providing TLS-PSK (with perfect forward secrecy) for the MQTT protocol. The plan is to evolve that further into a IoT secure channel crypto app on the Milagro platform.
And finally a word on patents:
Additionally, MIRACL will be licensing the M-Pin Authentication patents to the Apache Foundation under the terms of the contributor agreement. Those patents are US 9154302, US 9106644 and potentially others in our portfolio. NTT may contribute some of their IP as needed, that's in review.
The M-Pin IETF Informational draft is up on Datatracker at this link:
https://datatracker.ietf.org/doc/draft-scott-mpin/
I realize there is a lot to take in. Please respond back with any requests for more information or clarification.
Cheers,
Patrick
---
Patrick Hilt
Chief Technology Officer
MIRACL
> On Dec 2, 2015, at 3:53 PM, Jan Willem Janssen <ja...@luminis.eu> wrote:
>
> Hi,
>
>> On 10 Nov 2015, at 10:29, Nick Kew <ni...@apache.org> wrote:
>>
>> On Tue, 2015-11-10 at 01:33 +0000, Nick Kew wrote:
>>> I should like to propose that we consider OpenMiracl for incubation.
>>
>> This proposal is now at
>> https://wiki.apache.org/incubator/OpenMiraclProposal
>
> I’ve read the proposal with great interest, but am still curious about
> what exactly is donated upon entering the incubator and what is
> intended for future development in the Apache community. Can anybody
> shed some light on this?
>
> --
> Met vriendelijke groeten | Kind regards
>
> Jan Willem Janssen | Software Architect
> +31 631 765 814
>
> My world is revolving around INAETICS and Amdatu
>
> Luminis Technologies B.V.
> Churchillplein 1
> 7314 BZ Apeldoorn
> +31 88 586 46 00
>
> http://www.luminis-technologies.com
> http://www.luminis.eu
>
> KvK (CoC) 09 16 28 93
> BTW (VAT) NL8169.78.566.B.01
>
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org
Re: [DISCUSS] OpenMiracl for Incubation
Posted by Nick Kew <ni...@apache.org>.
On Wed, 2 Dec 2015 14:53:03 +0000
Jan Willem Janssen <ja...@luminis.eu> wrote:
> Hi,
>
> > On 10 Nov 2015, at 10:29, Nick Kew <ni...@apache.org> wrote:
> >
> > On Tue, 2015-11-10 at 01:33 +0000, Nick Kew wrote:
> >> I should like to propose that we consider OpenMiracl for
> >> incubation.
> >
> > This proposal is now at
> > https://wiki.apache.org/incubator/OpenMiraclProposal
>
> I’ve read the proposal with great interest, but am still curious about
> what exactly is donated upon entering the incubator and what is
> intended for future development in the Apache community. Can anybody
> shed some light on this?
Thanks for your interest.
Basically the starting point is the existing MIRACL library and
tools as currently seen at github.com/Certivox/ . I'll leave
it to Brian or Patrick to clarify further if they think it
necessary.
I'm just about to revisit the proposal to update the name.
I'll take a look at whether I think it needs clarifying.
So right now would be a good time for any further questions!
--
Nick Kew
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org