[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pki-tc] re:[pki-tc] Application SC report
The PAA sounds interesting, Stephen. My interest for this goal would be in the "Secure Cross-border Transaction Services" project; it implies using PKCS to digitally sign (and/or encrypt) documents between entities. While I agree with you that something as focused as this must have created a model and tools, is the PAA amenable to sharing this for dissemination to the Internet? One of my goals is to have an open-source toolkit that can be integrated into other open-source "products" such as MySQL, JBoss, Tomcat & Firefox to ensure wide dissemination. I will work on the paper and send it out to the TC in the next week or two. Thanks for the prompt response. Arshad Noor StrongAuth, Inc. Stephen Wilson wrote: > Arshad wrote: > > [snip] > > >>I, thus, propose that the Application SC undertake the following for >>2005 to start making PKI as ubiquitous in transactions as it is in >>SSL/TLS: >> >>1) Identify models that can serve Transaction-PKI; examples are >> S/MIME, TLS, DSS, etc. (need to come up with models that are >> both XML and non-XML based); >>2) Determine if the model(s) are capable of serving the needs of >> Transaction-PKI; >>3) Determine gaps and what it takes to cover those gaps; >>4) Get resources to cover those gaps; >>5) Start promoting the model; >> >>Comments? Suggestions? >> >>Arshad Noor >>StrongAuth, Inc. > > > > I believe that one of the strongest PKI applications has been the > Tradelink system in Hong Kong for electronic trade documentation. Indeed, > it represents a whole PKI scheme. It is at least 7 years old, with over > 100,000 certificates in active use. > > In recent years, the Tradelink experience has spawned the regional Pan > Asia Alliance (PAA) involving cross recognition of commercial CAs in > several countries. See www.paa.net. Their focus is still electornic > trade documentation, which has a strong buisness case, with demonstrated > benefits for large numbers of entities across the region. I would expect > that a suite of architectural resources/models and business analyses (and > support software) would have grown up around PAA. > > So ... may I suggest that we reach out to PAA via the Asia PKI Forum, to > swap notes on Transaction-PKI models as outlined by Arshad? > > SUGGESTION > Arshad: if you could prepare a somewhat more detailed (one page) > expression of your interests in 'Transaction-PKI models' then I could > table it at the Asia PKI Forum in Japan next month, and also reach out to > my good friends in the PAA for further details. > > Cheers, > > Stephen. > > > > Stephen Wilson > Lockstep Consulting Pty Ltd > ABN 59 593 754 482 > > 11 Minnesota Ave > Five Dock NSW 2046 > Australia > > P +61 (0)414 488 851 > > -------------------- > > About Lockstep > Lockstep was established in early 2004 by noted authentication expert > Stephen Wilson, to provide independent advice and analysis on cyber > security policy, strategy, risk management, and identity management. > Lockstep is also developing unique new smartcard solutions to address > privacy and identity theft. > Contact swilson@lockstep.com.au. > > > To unsubscribe from this mailing list (and be removed from the roster of the OASIS TC), go to http://www.oasis-open.org/apps/org/workgroup/pki-tc/members/leave_workgroup.php. >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]