OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: PKI Testing SC Report

First, I have to apologize to everyone for my absence and
non-responsiveness this past month.  The day after our last concall, I
got caught up in what turned out to be a significant proposal.  I'm just
coming out of what I hope is the last cycle - at least for this year.
I've had my head down during this and haven't been in a position to
answer any messages outside of work and haven't even gotten to my
personal e-mail accounts.

That said, I have good news to report by way of Steve Hanna's terrific
work in reaching out to The Open Group and launching some excellent
dialogue that is promising.  Specifically, there are serious talks
between OASIS and TOG about collaborating on testing, not only on PKI
related areas but other standards that OASIS has been advancing as
well.  It looks like a great win-win all around and Steve should be
highly commended for his efforts.  I know he has been quite busy as well
but he is obviously much better organized that I am and was able to find
the time that I was not.

I still have a couple of IOU's for other team members - I haven't
forgotten them and will get back to you soon.

One item I mentioned in my last report was that I was going to be in
contact with the folks at NIST and would bring up the PKI testing
subjects.  When I saw them it was apparent that they were deeply
involved in a rush to get a new FIPS Publication drafted for the
Personal Identification Verification regulations that will apply to all
Federal Government agency employees and contractors.

There is a lot of controversy about the smart card standards that will
be chosen but none regarding the role of PKI.  This is all being driven
by a Presidential Directive that mandates all agencies to issue a
uniform identity credential for both logical and physical authentication
as part of access controls.  The implementation will be based upon a
federated model using PKI certificates issued by authorized credential
service providers.  It may well be that this initiative will be the
"killer application" that finally pushes PKI through many barriers.

Paul Evans
PKI Testing SC Chair

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]