OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Question about PKI and Federated Identity

PKI TC members,

Here is an email that was sent to the pki-tc-chair
alias with a comment about Federated Identity
and PKI. If you would like to reply to this,
feel free to do so.

I told Mr. Kershaw that I would pass on this
note to the PKI TC for comment. I also told
him about my personal opinion, which is that
Federated Identity (FI) standards are useful
and complementary to PKI. FI can use PKI to
authenticate users (or not). FI typically uses
PKI to secure communications between trust
authorities (but not always). FI can reduce
the need for large PKIs by allowing organizations
to recognize each others' credentials (although
many of the same hard issues arise, like
defining levels of trust and liability).

So I don't see FI as a panacea or a replacement
for PKI. Rather, I see them as complementary.
However, that's just my opinion. Please feel
free to share yours. And feel free to cc the
pki-tc alias on your response. I expect we'd
all be interested in how this discussion proceeds.



-------- Original Message --------
Subject: [pki-tc-chair] Widespread adoption of PKI
Date: Wed, 10 Mar 2004 06:27:43 +0000
From: Mark Kershaw <mkersh@hotmail.com>
To: pki-tc-chair@lists.oasis-open.org

Dear sir/madam,

I have had a brief look through your action plan and was surprised that 
there was no mention of adoption of Federated Identity standards as a
forward for the widespread adoption of PKI.

Admitedly at the moment these FI standards (Liberty Alliance, Saml, 
WS-Federation) do not cater for services like digital signatures but I'm 
sure this will come in time.

As a technical architect I know the cost of integrating a PKI solution
a product. Federated Identity if it becomes mainstream will solve most
these problems. From a solution providers perspective you should
beable to drop any Identity Providers solution into your offering.

Any comments?



Find things fast with the new MSN Toolbar  includes FREE pop-up

To unsubscribe from this mailing list (and be removed from the roster of
the OASIS TC), go to

S/MIME Cryptographic Signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]