OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

egov message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [egov] National Health Technology Standards Corporation

I'm not certain how you arrived at all of the fine-grained technical
details you put forth below, as the URL you provided did not speak at
that level. Could you please provide an additional source to support the
information that you provide below?

Kind Regards,
Joseph Chiusano
Booz Allen Hamilton
Strategy and Technology Consultants to the World
 

> -----Original Message-----
> From: Anders Rundgren [mailto:anders.rundgren@telia.com] 
> Sent: Sunday, January 30, 2005 3:15 AM
> To: eGov OASIS
> Subject: [egov] National Health Technology Standards Corporation
> 
> http://news.com.com/High-tech+alliance+for+digital+health+netw
> ork/2100-1028_3-5550628.html?tag=nefd.top
> 
> If this is for real, it could have a rather profound effect 
> on (F)PKI, as it seems that they are trying to create "a 
> scalable and secure architecture for information exchange and 
> collaboration" (my wording)..
> 
> If this consortium succeeds in creating a working 
> architecture for healthcare, they have "fixed the rest as 
> well" as it seems that healthcare comprises practically all 
> security, privacy and legal issues one could imagine.
> 
> This is likely to be yet another blow at the already severely 
> marginalized S/MIME scheme, as the network with a high 
> certainty will be based on Web Services, and due to that also 
> feature a "Gateway PKI".
> 
> Gateways will be the norm for most org-to-org communication 
> including cross-border dittos as can be seen by this document:
> http://europa.eu.int/idabc/en/document/3760
> 
> Although gateways are well-known by security people, 
> something went terribly wrong when this extremely time-proven 
> concept met with PKI. I guess this must have had something to 
> do with the idea that PKI's sole mission in life is providing 
> legally binding signatures for individuals.  But this is 
> actually only one out of a myriad of PKI applications.
> 
> Now to a yet not solved question: What exactly is a gateway 
> certificate?
> 
> Anders Rundgren
> Senior PKI Architect
> working for a major computer security company
> 
> Disclaimer:
> This is my personal opinion, not to be associated with my employer
> 
> 
> To unsubscribe from this mailing list (and be removed from 
> the roster of the OASIS TC), go to 
> http://www.oasis-open.org/apps/org/workgroup/egov/members/leav
> e_workgroup.php.
> 
>

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]