[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Draft follow-up survey
At the end of this message, I have included a first draft of the August 2003 follow-up survey. Please review this and send comments to this email list. Note that I have marked a few questions and comments with ***. Please remember to review the list of obstacles to see if there are any more questions we should ask. Thanks, Steve ------------- OASIS PKI TC Follow-up Survey on PKI Obstacles In June 2003, the OASIS Public Key Infrastructure (PKI) Technical Committee conducted a survey to identify the biggest obstacles to PKI deployment and usage so that they can be addressed. Results from this survey are available at http://www.oasis-open.org/... The PKI TC has prepared this follow-up survey, which aims to clarify and better understand the obstacles identified in the earlier survey. This survey will only be active from August 11 through September 1. In late September, the PKI TC will gather to review the survey results and agree on steps to address the obstacles identified. Anyone who completes this survey will receive a copy of our report on this survey and a copy of our action plan. But first we need your help. Please complete this survey. Together, we can help make PKI better. *Privacy* To respect your privacy, responses will be kept confidential and only reported in aggregate form. However, your individual response will be used by OASIS PKI TC members and OASIS staff members in tabulating our results. If you choose to provide your email address, we will send you a copy of the survey results and invitations to participate in future surveys conducted by the OASIS PKI TC. Your email address will not be used for any other purposes or disclosed to anyone outside of OASIS. Please note that by submitting your answers to this survey, you consent to the transfer of data outside of your home country to members of the OASIS PKI TC and OASIS staff members. 1) Please enter your email address. This answer is required. It is necessary to correlate your answers to this survey with your answers to the last survey. However, it will only be used as described in the Privacy statement above. _______________________ *Applications* 2) Document Signing Document Signing had the highest ranking of all applications in our previous survey. But Document Signing is a broad term. Please indicate the importance to you of these three types of Document Signing: Not Important Important Most Important Signing Electronic Forms () () () (generally not legally binding) Signing Contracts () () () (legally binding) Signing Documents before () () () Dissemination (so recipients can verify their source and integrity) *Using Points to Indicate Relative Importance* For many questions below, we will ask you to allocate 10 points among a set of items. Why? We want you to indicate how important the items are relative to each other, in your opinion. If you prefer to use 100 points for one set of items (or some other number of points), that's fine with us. We will normalize your point totals. 3) Obstacles Please use the point system described in the previous paragraph to indicate which of these obstacles to PKI deployment and usage are most important, in your view. Note that this list includes several obstacles that were frequently listed as an Other Obstacle by respondents to our previous survey. Software Applications Don't Support It ___ Costs Too High ___ PKI Poorly Understood ___ Poor Interoperability ___ Hard to Get Started - Too Complex ___ Hard for End Users to Use ___ Lack of Management Support ___ Too Much Legal Work Required ___ Hard for IT to Maintain ___ Insufficient Need ___ Enrollment Too Complicated ___ Smart Card Problems ___ Revocation Hard ___ Standards Problems ___ Too Much Focus on Technology, Not Enough on Need ___ *Detailed Analysis of Obstacles* The last survey included several broad obstacles that we must understand in more detail before we can address them. Here we ask you to provide more detail about the four obstacles that were most highly ranked in responses to the previous survey. 4) Software Applications Don't Support It Many respondents to our previous survey indicated that "Software Applications Don't Support It" is an obstacle to PKI deployment and usage. If you believe that it is not an obstacle, please skip to question 5. a) Which of these software applications most critically needs improvements in PKI support? Please allocate 10 (or more) points. Document Signing ___ Web Server Security ___ Secure Email ___ Web Services Security ___ Virtual Private Network ___ Single Sign On ___ Secure Wireless LAN ___ Electronic Commerce ___ Code Signing ___ Secure RPC ___ Other Application ___ b) Please tell us whether the applications you indicated above typically are completely lacking in PKI support or have some PKI support, but that support is insufficient. If the support is insufficient, in what way? _______________________________________________________ _______________________________________________________ _______________________________________________________ ***This seems like it might be a bit too much detail. Couldn't we do this research ourselves? Maybe not. c) Do you have any specific suggestions for things the PKI TC (or others) could do to help improve application support? _______________________________________________________ _______________________________________________________ _______________________________________________________ 5) Costs Too High Many respondents to our previous survey indicated that "Costs Too High" is an obstacle to PKI deployment and usage. If you believe that it is not an obstacle, please skip to question 6. a) Which of these costs are most problematic in PKI deployment and usage? Please allocate 10 (or more) points among these items to indicate which of these costs are most problematic in PKI deployment and usage. Cost of Initial System Design ___ Cost of Software Acquisition ___ Cost of Secure Facilities ___ Cost of Software Integration ___ Cost of Training ___ Cost of Cross-Certification ___ Non-technical Setup Costs (e.g. legal & CPS) ___ Cost of Smart Cards and Readers ___ Cost of Initial Certificate Issuance ___ Cost of Support Contracts ___ Cost of End-User Support ___ Cost of On-going Operations ___ Other Costs (describe below) ___ Other Costs: _________________________________________________ b) Would you say that these cost problems are largely eliminated if the number of users involved is large (amortizing large fixed costs)? () Yes () No ***Can't we conclude this ourselves? Is it important that we ask this? c) Do your comments about costs pertain primarily to outsourced PKI services, in-house PKI, or both? () Outsourced PKI () In-house PKI () Both d) Do you have any specific suggestions for things the PKI TC (or others) could do to help reduce costs? _______________________________________________________ _______________________________________________________ _______________________________________________________ 6) PKI Poorly Understood Many respondents to our previous survey indicated that "PKI Poorly Understood" is an obstacle to PKI deployment and usage. If you believe that it is not an obstacle, please skip to question 7. a) Here is a list of parties often involved in PKI deployment and usage. Please allocate 10 (or more) points among these items to indicate where greater PKI understanding is most needed. Senior Management ___ IT Management ___ IT Staff ___ Users ___ Vendors ___ 7) Poor Interoperability Many respondents to our previous survey indicated that "Poor Interoperability" is an obstacle to PKI deployment and usage. If you believe that it is not an obstacle, please skip to question 8. a) Where do the most serious interoperability problems arise? Please allocate 10 (or more) points among these items. Certificate Issuance ___ Certificate Revocation ___ Smart Card ___ Operating System ___ Server Software ___ Application-Smart Card ___ Application-Certificate ___ Cross-Certification ___ Other (describe below) ___ Other: _______________________ b) Interoperability is an especially complex area. Please describe any interoperability problems you want to highlight and offer any suggestions you may have for addressing them. _______________________________________________________ _______________________________________________________ _______________________________________________________ 8) Other Comments or Suggestions If you have any other comments or suggestions to offer, please feel free to do so here. We are especially interested in hearing your thoughts on how to address the obstacles listed in this survey. We will consider your comments carefully. You may also email comments to the PKI TC co-chairs at pki-tc-chair@lists.oasis-open.org. These comments will be passed on to the rest of the TC after any identifying information has been removed. NOTE: We have saved any comments you supplied in response to the previous survey. Those comments will also be considered. _______________________________________________________ _______________________________________________________ _______________________________________________________
S/MIME Cryptographic Signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]