% wallet-2-slides.tex -- Slides for 2008 wallet talk.
% $Id: wallet-2-slides.tex 3973 2008-05-14 04:19:49Z eagle $
%
% Written by Russ Allbery <rra@stanford.edu>

\documentclass[landscape,semhelv]{seminar}
\usepackage{url}
\usepackage{hyperref}

\newpagestyle{mypagestyle}%
  {Stanford University \hfil \thedate \hfil \thepage}%
  {\hfil Russ Allbery (rra@stanford.edu) \hfil}
\pagestyle{mypagestyle}

\begin{document}

\begin{slide}
  \begin{center}
    {\large Wallet} \\
    Secure Data Distribution and Management \\
    2008 Update

    \vspace{1in}
    
    Russ Allbery \\
    May 13, 2008
  \end{center}
\end{slide}

\begin{slide}
  \section*{Contents}

  \begin{itemize}
  \item What is the Wallet?
  \item The Goal
  \item The Architecture
  \item Example Wallet Object
  \item Wallet Object Types
  \item Wallet ACL Verifiers
  \item Next Steps: 1.0\dots
  \item Next Steps: \dots and Beyond
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{What is the Wallet?}

  \begin{itemize}
  \item Manages any type of secure data
    \begin{itemize}
    \item Keytabs and simple files implemented
    \item WebAuth keyrings and X.509 CA planned
    \item Extensible system for adding new types
    \end{itemize}
  \item Rich ACL mechanism
    \begin{itemize}
    \item Fine-grained access control for operations
    \item Simple identity and NetDB implemented
    \item Extensible system for adding more verifiers
    \item PTS, LDAP, and nested groups planned
    \end{itemize}
  \item Built on remctl, but server and client can be replaced with any
    other authenticated RPC layer (SOAP, REST, etc.) without major server
    changes
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{The Goal}

  \begin{itemize}
  \item All secure data goes into the wallet
  \item All non-secure system information goes into Puppet
  \item Fully automated server deployment except for initial keying (and
    maybe initial keying as well)
  \item Chained permissions: key the server, and the server key can then
    download other required secure data
  \item Central management of secure data
  \item Allows automated rekeying where appropriate
  \item Unchanging support for generated objects
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{The Architecture}

  \begin{itemize}
  \item Authorization and privacy via remctl protocol
  \item C client with simple command passthrough, handling of file
    creation and some special keytab logic
  \item Server wrapper that interprets remctld authentication
  \item Wallet::Server handles ACL checking and high-level API
  \item Separate ACLs for show/get/store/destroy and owner
  \item Wallet::Object::* implements each wallet type
  \item Wallet::ACL::* (will be renamed) implements ACL types
  \item Basic support for local policy and object autocreation
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{Example Wallet Object}

\footnotesize
\begin{verbatim}
           Type: keytab
           Name: host/windlord.stanford.edu
          Owner: host/windlord.stanford.edu
       Enctypes: aes256-cts
     Created by: rra/root@stanford.edu
   Created from: windlord.Stanford.EDU
     Created on: 2007-12-06 16:55:13
  Downloaded by: rra/root@stanford.edu
Downloaded from: windlord.Stanford.EDU
  Downloaded on: 2008-02-08 13:38:56

Members of ACL host/windlord.stanford.edu (id: 2) are:
  krb5 host/windlord.stanford.edu@stanford.edu
  netdb-root windlord.stanford.edu
\end{verbatim}
\end{slide}

\begin{slide}
  \section*{Wallet Object Types}

  \begin{itemize}
  \item Support create, destroy, get, store
  \item Can hook into flag settings
  \item Can support arbitrary per-type attributes (example: enctypes)
  \item Currently implemented:
    \begin{itemize}
    \item Simple file objects (opaque data chunks)
    \item Kerberos keytabs
    \end{itemize}
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{Wallet ACL Verifiers}

  \begin{itemize}
  \item Initialize method to create persistent resources
  \item Check method to check an identity against an ACL value
  \item Currently implemented:
    \begin{itemize}
    \item krb5 (simple identity comparison)
    \item NetDB roles (Stanford's GPL'd host management software)
    \end{itemize}
  \item Nested groups will require some special handling to prevent
    infinite recursion
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{Next Steps: 1.0\dots}

  \begin{itemize}
  \item Better history support for deleted objects
  \item Better reporting and search
  \item Heimdal support for the client (and maybe server)
  \item Upgrade support for the database
  \item LDAP and PTS ACL verifiers
  \item WebAuth keyring object type
  \item Tests, tests, tests
  \end{itemize}
\end{slide}

\begin{slide}
  \section*{Next Steps: \dots and Beyond}

  \begin{itemize}
  \item X.509 and ssh keypair object type support
  \item Rekeying
  \item remctl server fixes to allow data containing nuls
  \item Better object templating for autocreation
  \item Even more documentation: conventions, naming, replacing the
    protocol
  \item More native Perl support for kadmin and Kerberos
  \item CGI and REST proof of concept
  \end{itemize}
\end{slide}

\end{document}
