[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Final draft follow-up survey
Fortunately, I did receive a few comments in response to my request for review of the draft follow-up survey last week. Thanks! I have attached a copy of the final draft for our follow-up survey. Please review this ASAP and get me any comments. I have sent it to OASIS and asked them to post it. If any changes are required on our side, I'll notify them and get the changes made. The survey should be live on Monday, August 11 (I hope!). I have also attached a draft copy of the follow-up survey invitation that will be emailed out to people who responded to our last survey and supplied email addresses. Comments on that would also be appreciated. Thanks, Steve
OASIS PKI TC Follow-up Survey on PKI Obstacles
In June 2003, the OASIS Public Key Infrastructure (PKI)
Technical Committee conducted a survey to identify the
biggest obstacles to PKI deployment and usage so that
they can be addressed. Results from this survey are
available at http://www.oasis-open.org/...
The OASIS PKI TC has prepared this follow-up survey, which
aims to clarify and better understand the obstacles
identified in the earlier survey. This survey will
only be active from August 11 through September 1.
In late September, the OASIS PKI TC will gather to review
the survey results and agree on steps to address the
obstacles identified. Then we will work with vendors,
customers, standards groups, and others to agree on an
action plan and put it into practice. Anyone who completes
this survey will receive a copy of our report on the
survey, a copy of our action plan, and an invitation to
participate in putting it into practice.
But first we need your help. Please complete this
survey. Together, we can help make PKI better.
*Privacy*
To respect your privacy, responses will be kept confidential and only
reported in aggregate form. However, your individual response will be
used by OASIS PKI TC members and OASIS staff members in tabulating our
results. If you choose to provide your email address, we will send you
a copy of the survey results and invitations to participate in future
surveys conducted by the OASIS PKI TC. Your email address will not be
used for any other purposes or disclosed to anyone outside of OASIS.
Please note that by submitting your answers to this survey, you
consent to the transfer of data outside of your home country to
members of the OASIS PKI TC and OASIS staff members.
1. Please enter your email address. This answer is required. It is
necessary to correlate your answers to this survey with your
answers to the last survey. However, it will only be used as
described in the Privacy statement above.
_______________________
*Applications*
2. Document Signing
Document Signing had the highest ranking of all applications
in our previous survey. But Document Signing is a broad term.
Please indicate the importance to you of these three types
of Document Signing:
Not Important Important Most Important
Signing Electronic Forms () () ()
(generally not
legally binding)
Signing Contracts () () ()
(legally binding)
Signing Documents before () () ()
Dissemination (so
recipients can verify
their source and integrity)
*Using Points to Indicate Relative Importance*
For many questions below, we will ask you to allocate 10 points
among a set of items. Why? We want you to indicate how important
the items are relative to each other, in your opinion.
If you prefer to use 100 points for one set of items (or some
other number of points), that's fine with us. We will normalize
your point totals.
3. Obstacles
Please use the point system described in the previous paragraph
to indicate which of these obstacles to PKI deployment and usage
are most important, in your view.
Note that this list includes several obstacles that were listed as
an Other Obstacle by multiple respondents to our previous survey.
We have added them to our list here to see whether there is
widespread agreement that they are important.
Software Applications Don't Support It ___
Costs Too High ___
PKI Poorly Understood ___
Poor Interoperability ___
Hard to Get Started - Too Complex ___
Hard for End Users to Use ___
Lack of Management Support ___
Too Much Legal Work Required ___
Hard for IT to Maintain ___
Insufficient Need ___
Enrollment Too Complicated ___
Smart Card Problems ___
Revocation Hard ___
Standards Problems ___
Too Much Focus on Technology, Not Enough on Need ___
*Detailed Analysis of Obstacles*
The last survey included several broad obstacles that we must
understand in more detail before we can address them. Here we
ask you to provide more detail about the four obstacles that
were most highly ranked in responses to the previous survey.
4) Software Applications Don't Support It
Most respondents to our previous survey indicated that
"Software Applications Don't Support It" is an obstacle
to PKI deployment and usage. If you believe that it is
not an obstacle, please skip to question 5.
4a. Which of these software applications most critically needs
improvements in PKI support?
Please allocate 10 (or more) points.
Document Signing ___
Web Server Security ___
Secure Email ___
Web Services Security ___
Virtual Private Network ___
Single Sign On ___
Secure Wireless LAN ___
Electronic Commerce ___
Code Signing ___
Secure RPC ___
4b. Please tell us whether the applications you ranked highly above
are completely lacking in PKI support or have some PKI support,
but that support is insufficient. If the support is insufficient,
in what way?
_______________________________________________________
_______________________________________________________
_______________________________________________________
4c. Do you have any specific suggestions for things the OASIS PKI TC
(or others) could do to help improve application support?
_______________________________________________________
_______________________________________________________
_______________________________________________________
5) Costs Too High
Most respondents to our previous survey indicated that
"Costs Too High" is an obstacle to PKI deployment and usage.
If you believe that it is not an obstacle, please skip to
question 6.
5a. Which of these costs are most problematic in PKI deployment and usage?
Please allocate 10 (or more) points among these items to indicate which
of these costs are most problematic in PKI deployment and usage.
Cost of Initial System Design ___
Cost of Software Acquisition ___
Cost of Secure Facilities ___
Cost of Software Integration ___
Cost of Training ___
Cost of Cross-Certification ___
Non-technical Setup Costs (e.g. legal & CPS) ___
Cost of Smart Cards and Readers ___
Cost of Initial Certificate Issuance ___
Cost of Support Contracts ___
Cost of End-User Support ___
Cost of On-going Operations ___
Other Costs (describe below) ___
Other Costs: _________________________________________________
5b. Would you say that these cost problems are largely eliminated
if the number of users involved is large (amortizing large fixed
costs)?
() Yes
() No
5c. Do your comments about costs pertain primarily to outsourced PKI
services, in-house PKI, or both?
() Outsourced PKI
() In-house PKI
() Both
5d. Do you have any specific suggestions for things the OASIS PKI TC
(or others) could do to help reduce costs?
_______________________________________________________
_______________________________________________________
_______________________________________________________
6) PKI Poorly Understood
Most respondents to our previous survey indicated that
"PKI Poorly Understood" is an obstacle to PKI deployment
and usage. If you believe that it is not an obstacle, please
skip to question 7.
6a. Here is a list of parties often involved in PKI deployment
and usage. Please allocate 10 (or more) points among these
items to indicate where greater PKI understanding is most
needed.
Senior Management ___
IT Management ___
IT Staff ___
Users ___
Vendors ___
Other (Describe Below) ___
Other Parties: _________________________________________________
6b. Do you have any specific suggestions for things the OASIS PKI TC
(or others) could do to help increase understanding of PKI?
_______________________________________________________
_______________________________________________________
_______________________________________________________
7) Poor Interoperability
Most respondents to our previous survey indicated that
"Poor Interoperability" is an obstacle to PKI deployment
and usage. If you believe that it is not an obstacle, please
skip to question 8.
7a. Where do the most serious interoperability problems arise?
Please allocate 10 (or more) points among these items.
Certificate Issuance ___
Certificate Revocation ___
Smart Card ___
Application-Server ___
Application-Application ___
Application-Certificate ___
Cross-Certification ___
Other (describe below) ___
Other: _______________________
7b. Interoperability is an especially complex area. Please
describe any interoperability problems you want to
highlight.
_______________________________________________________
_______________________________________________________
_______________________________________________________
7c. Do you have any specific suggestions for things the OASIS PKI TC
(or others) could do to help improve interoperability?
_______________________________________________________
_______________________________________________________
_______________________________________________________
8. Other Comments or Suggestions
If you have any other comments or suggestions to offer,
please feel free to do so here. We are especially interested
in hearing your thoughts on how to address the obstacles
listed in this survey. We will consider your comments carefully.
You may also email comments to the OASIS PKI TC co-chairs at
pki-tc-chair@lists.oasis-open.org. These comments will be
passed on to the rest of the TC after any identifying
information has been removed.
We welcome all new participants in the work of the OASIS PKI TC.
See http://www.oasis-open.org/join/ or email
pki-tc-chair@lists.oasis-open.org for details.
NOTE: We have saved any comments you supplied in response
to the previous survey. Those comments will be carefully
considered in relation to these questions as well.
_______________________________________________________
_______________________________________________________
_______________________________________________________
Thanks for your help,
The OASIS PKI TC
Thanks to your enthusiastic participation, the OASIS PKI TC's survey on Obstacles to PKI Deployment and Usage was a huge success. We received 216 responses from more than 30 countries, which provided valuable insights that will be critical to our future work. For details, see our survey analysis at http://www.oasis-open.org/... In September, the OASIS PKI TC will decide what actions to take to address the obstacles identified in this survey. But first we want to clarify a few things. We have prepared a brief follow-up survey that: 1) Breaks down some of the broad obstacles in the June 2003 survey into smaller categories so we can actually address them. For instance, we have broken down "Costs Too High" into "Cost of Software Acquisition", "Cost of Training", etc. 2) Adds several obstacles that were cited by several survey respondents as major "Other" obstacles. We read your comments very carefully and we want to make sure that the obstacles you identified are considered on an equal footing with the obstacles we initially identified. 3) Uses a point-based rating system to rank obstacles. This will help us allocate our resources to the most critical areas. 4) Allows you to suggest ways to overcome these obstacles. We know that you are very busy, but we hope that you will take the time to complete this follow-up survey. Because many people are on vacation in August, we will accept responses for three weeks (from August 11 through September 1). We encourage you to respond to this survey ASAP. Your response is *very* important. We are only publicizing this survey to people who responded to our earlier survey and provided their email address (like you). You came through for us last time with great responses. Please do so again. If you do, we promise to send you the results of this survey and a report detailing what actions the OASIS PKI TC plans to take to address these obstacles. Thanks, The OASIS PKI TC P.S. If you would like to join the OASIS PKI TC and help us address these obstacles or you have other comments, please contact our chairs at pki-tc-chair@lists.oasis-open.org. ------- Privacy Note: The data collected in this survey will only be reported in aggregate form. Individual responses will be used by OASIS PKI TC members and OASIS staff members in tabulating our results. If you choose to provide your email address (optional), we will send you a copy of the survey results and invitations to participate in future surveys conducted by the OASIS PKI TC. But your email address will not be used for any other purposes or disclosed to anyone outside of OASIS.
S/MIME Cryptographic Signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]