OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Enterprise PKI - At the X-road

Dear List,
There are indeed some recognized hurdles to PKI deployment.

However, there also are some very serious obstacles that most
PKI advocates seem to be unaware of:

- Assume that you are working for a large organization
- Assume that this organization has an internal purchasing system
  holding a local product catalog
- Assume that this system authenticates users as well as checking limits etc.
    (that's why you have enterprise systems)
- Assume that it is time to order some stuff from an external supplier

Question:  How would such a purchasing system be able to carry out
its message creation, monitoring, archiving, and control tasks if you
use a true end-to-end encryption model?

Answer: It cannot.

That is, the enterprise PKI model is incompatible with essentially
every business process and system used by the private sector.

But there is no reason to despair, the private sector have already
an architecture in place since decades back that is very easy to
augment with PKI.   For a reasonably complete description on
how to make business systems use PKI, please take a peek at the
following recently upgraded document:


Anders R

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]