[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [egov] National Health Technology Standards Corporation
Anders, There are many roads all leading to Rome. For example the IHE XDS work is also creating a secure document sharing infrastructure, and using common specifications. I believe this shows the importance of the work OASIS is doing in defining open public specifications that can provide the glue that aligns these parts together. The HSS department just received 500 responses to its RFI. The bottom line is I expect several of these initiatives to emerge and that each will vie for attention. Those best able to provide easy to adopt and low cost tools based on open public specifications and open source I do believe will prevail. 2005 is shaping up to be a very challenging year for OASIS to meet the demands that the burgeoning US Healthcare costs are driving. I'm not sure the the healthcare system will be totally one-size-fits-all - but certainly it has the potential to span several industry sectors. Ultimately that is a good thing. DW ----- Original Message ----- From: "Anders Rundgren" <anders.rundgren@telia.com> To: "eGov OASIS" <egov@lists.oasis-open.org> Sent: Sunday, January 30, 2005 3:14 AM Subject: [egov] National Health Technology Standards Corporation > http://news.com.com/High-tech+alliance+for+digital+health+network/2100-1028_3-5550628.html?tag=nefd.top > > If this is for real, it could have a rather profound effect on (F)PKI, as it > seems that they are trying to create "a scalable and secure architecture for > information exchange and collaboration" (my wording).. > > If this consortium succeeds in creating a working architecture for healthcare, > they have "fixed the rest as well" as it seems that healthcare comprises > practically all security, privacy and legal issues one could imagine. > > This is likely to be yet another blow at the already severely marginalized > S/MIME scheme, as the network with a high certainty will be based on Web > Services, and due to that also feature a "Gateway PKI". > > Gateways will be the norm for most org-to-org communication including > cross-border dittos as can be seen by this document: > http://europa.eu.int/idabc/en/document/3760 > > Although gateways are well-known by security people, something went terribly > wrong when this extremely time-proven concept met with PKI. I guess this must > have had something to do with the idea that PKI's sole mission in life is > providing legally binding signatures for individuals. But this is actually > only one out of a myriad of PKI applications. > > Now to a yet not solved question: What exactly is a gateway certificate? > > Anders Rundgren > Senior PKI Architect > working for a major computer security company > > Disclaimer: > This is my personal opinion, not to be associated with my employer > > > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/egov/members/leave_workgroup.php. > > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]