[announce] OASIS Forms PKI Technical Committee

[Carol Geyer <carol.geyer@oasis-open.org>]

OASIS Members Form Technical Committee to Advance PKI Adoption for
Secure Transactions

Baltimore Technologies, Computer Associates, Entrust, KPMG, Neucom, RSA
Security, Sun Microsystems, VeriSign, Wells Fargo, and Others Work to
Facilitate Interoperability of Foundational Security Standard

Boston, MA, USA; 7 January 2003 -- The OASIS standards consortium has
organized a new technical committee to advance adoption of the
Public-Key Infrastructure (PKI) for Web services and other applications.
PKI serves as a foundation to enable secure e-business transactions. The
new technical committee has been created within the OASIS PKI Member
Section, a group formed as a result of the recent transition of the
advocacy group, PKI Forum, to OASIS.

The OASIS PKI Technical Committee will serve as a global information
resource for PKI. It will work to increase awareness of digital
certificates as an important component for managing access to network
resources, delivering secured electronic messages and conducting
electronic transactions. Deliverables from the committee will include
white papers, implementation
guidelines, and conformance tests to promote the adoption of the PKI
technology.

"We want to address the issues behind the successful deployment of
digital certificates to meet business and security requirements. Our
collaboration will focus on overcoming technical and integration
challenges and promoting greater interoperability," explained Terry
Leahy of Wells Fargo, chair of the new OASIS PKI Technical Committee.
"The OASIS PKI Technical Committee will serve as a community forum for
exchanging information on using PKI and digital certificates in
application-focused standards and projects, and as a mechanism for the
creation of documents related to the implementation of PKI
internationally."

PKI serves as a foundation for other Web services standards, and the new
technical committee joins the growing body of security specifications
being developed within OASIS, such as WS-Security, the Security
Assertion Markup Language (SAML), the XML Access Control Markup Language
(XACML), the Rights Language, the Service Provisioning Markup Language
(SPML) and XML Common Biometric Format (XCBF) and the Digital Signature
Services (DSS) protocol.

"PKI and digital certificates have become key components of
identity-related security services," said John Sabo of Computer
Associates, vice chair of the OASIS PKI Technical Committee. "We expect
the Technical Committee to cover a broad range of business and technical
issues and address the practical use of PKI in support of high trust
applications on the Web and in other networked environments."

Participation in the OASIS PKI Technical Committee remains open to all
organizations and individuals. OASIS will host an open mail list for
public comment, and completed work will be freely available to the
public without licensing or other fees. Information on joining OASIS can
be found on http://www.oasis-open.org/join.

Industry Support for PKI

"As a transparent technology integrated into a total identity management
system, PKI will be a key enabling technology for the use of Web
services and other software technologies in high-trust application
environments," said Ron Moritz, senior vice president for eTrust
security solutions at Computer Associates. "Computer Associates strongly
supports the work of the OASIS PKI Technical Committee and looks forward
to working closely with the other committee participants to ensure the
effectiveness of next-generation PKI implementations."

"DataPower believes that the demand for more robust and efficient
methods of verifying user identity and protecting sensitive information
across Web service applications becomes ever more critical as XML-based
messaging continues to proliferate," says Eugene Kuznetsov, founder,
president and CTO at DataPower Technology Inc.  "PKI is the security
infrastructure and the framework for managing keys and digital
certificates; DataPower wholly supports the new OASIS PKI Technical
Committee as it addresses the industry's need for successful deployment
of digital certificates and the technical and interoperability issues
around that."

"As a market-leader in public-key infrastructure, Entrust is pleased to
be able to contribute its expertise as a member of the new OASIS PKI
Technical Committee," said Brian O'Higgins, chief technology officer,
Entrust, Inc. "We plan to leverage our 10-year history in deploying PKI
to customers worldwide to help the new committee successfully reach its
goals of providing an international forum for sharing best practices and
driving further deployments and interoperability."

"Digital certificates are of growing importance worldwide, as
organizations
focus on lowering both cost and risk for expanded e-business
initiatives,"
said Bill McQuaide, senior vice president, Authentication division at
RSA
Security.  "As a leader in a wide range of standards activities across
many
standards groups, RSA Security is pleased to continue to support
PKI-related
activities under the new OASIS structure."

"The creation of this group couldn't come at a better time," said Dr.
Phillip Hallam Baker, Principal Scientist and Web Services Security
Architect at VeriSign, Inc. "The industry has now recognized the need to
integrate trust and security into Web Services infrastructure, and it
clearly makes sense to
embrace PKI as a cornerstone of those efforts."




About OASIS (http://www.oasis-open.org)

OASIS (Organization for the Advancement of Structured Information
Standards) is a not-for-profit, global consortium that drives the
development, convergence, and adoption of e-business standards. Members
themselves set the OASIS technical agenda, using a lightweight, open
process expressly designed to promote industry consensus and unite
disparate efforts. OASIS produces worldwide standards for security, Web
services, XML conformance, business transactions, electronic publishing,
topic maps and interoperability within and between marketplaces. OASIS
has more than 600 corporate and individual members in 100 countries
around the world.

For more information:

Carol Geyer
Director of Communications
OASIS (www.oasis-open.org)
carol.geyer@oasis-open.org
+1.978.667.5115 x209