Subject: Notes from last week's HEPKI-TAG call

Here are my notes from the discussion of our survey
results and draft Action Plan at last week's conference
call meeting of the Internet2 Consortium's Higher
Education PKI Technical Advisory Group. I also received
several emails on this topic, which I will forward

Anyway, here are the comments I got at the meeting.
Each bullet item is a separate comment.



* There are lots of educational materials on PKI
  available now. What's wrong with them? 
* End user materials are needed.
* Managers don't understand the benefits of PKI.
* There's too much focus on technology. We need to
  focus on applications. Understand what people need
  and why. Then we can show how PKI (or alternatives)
  can address that.
* There are lots of user interface problems. Users
  should be able to control whether they encrypt
  email messages on their hard disk (which is sometimes
* We need more training for auditors on how to audit
  lightweight and heavyweight PKI installations.
* Prebaked PKI configurations have been tried and
  they weren't used. Like PKI Lite.
* The reason why they haven't been used is that it's
  so hard to get lightweight CA and application software.
* With web-based PKI, there's no way to force the
  user to reauthenticate. That's a problem if the
  user has walked away from their desk, leaving
  their smart card or soft token activated.
* Are you [the PKI TC] going to act before February?
* Applications should use the PKI support that's built
  into the operating system. Then they'll get smart card
  support automatically.

