pki-tc-chair message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: PKI Standards
- From: Mitchell Arnone <marnone@parsippany.sns.slb.com>
- To: pki-tc-chair@lists.oasis-open.org
- Date: Tue, 10 Jun 2003 09:13:27 -0400
I replied to your survey about obstacles to PKI. I would like to
elaborate just a little more in that since PKI is perceived as a
technology pertaining to information security, standards and or best
practices for deployment such as providing a secure room to house the CA
(the PKI enclave) and understanding generally accepted levels of
assurance and how each impacts security related to the infrastructure
security as well as credential security would benefit everyone involved
with PKI.
Many of us involved with PKI have had experiences that we can draw upon
but it is important to be able to reference nationally/internationally
accepted and documented standards that help to assure customers that best
practices are being followed in the construct and that just the right
amount of security is being applied (not too much and not too
little).
What are the key elements of a PKI audit? Where can we get
standards based documentation that will help guide a PKI build to ensure
that the final result will stand up to an (any) audit based on the
desired level of assurance.
We use things like the FBCA CP and other documents as examples but this
is insufficient documentation.
Regards,
Mitch
***********************************************************
Mitchell Arnone
Managing Consultant
SchlumbergerSema
Technical Consulting Practice, Northeast Region
marnone@slb.com
www.slb.com/nws
SchlumbergerSema
Network & Infrastructure Solutions
194 Wood Avenue, South
Iselin, NJ 08830
Direct Line- (410) 579-8691
Mobile - (443) 864-1590
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]