[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Feedback on PKI Action Plan
Here are some comments on the PKI Action Plan that I received. Let's discuss them at our next meeting. Thanks, Steve -------- I think this is a great effort and I really hope we are successful. I only had a few comments after reviewing the document: Introduction I thought the final sentence of the last paragraph was a bit too definitive w/o any words to back it up: "Within two years, PKI deployment should be substantially easier". Perhaps that would be better moved to a conclusion section, after telling me about the action plan. Or you could insert "our primary goal is that" before "PKI deployment". P. 4. end, typo: s/Because of/Because p. 7. typo: s/should unbiased/should be unbiased Action Items Although controversial, we might learn a lot by critiqueing existing PKI-enabled applications and explaining the problems and/or how they could have made things simpler or more interoperable. There's been a trend in the standards in recent years to hide and reduce the complexity of PKI by moving it to servers (ex: XKMS, DPV/DPD, DSS) but most of these standards are still in development or haven't been in the market long enough or have had enough application support to know if they will be successful in that goal. Does the group plan to encourage deployment of these standards as a way to reduce the cost & complexity of applications using PKI? I think it is a fine goal to develop guidelines, etc for the 3 most popular applications, but I think it would also be beneficial to document examples of why you should use (or pay for) these PKI-enabled applications. This might be addressed by the "provide educational materials" AI. I think the action items may be placing too much emphasis on applications and not enough on the infrastructure. You may be able to come up with a simple profile/guidelines for using and developing secure email, but if it is still too hard and too much cost to obtain and manage a certificate (or the benefits of using it are too low), then I think the ball stops there, so to speak.
S/MIME Cryptographic Signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]