OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [pki-tc] DHS RFI

Arshad,

I got the impression that they left out PIV/HSPD-12 in the *pilot*.

That was IMHO a resonable step as there are not enough PIVs
out there to motivate support of these.

Due to the unavailability of readers they will soon also have to adapt
the scheme to One Time Passwords (OTPs) as well, in spite of not
even being mentioned in the plan.  As they say in the Army:
When the reality and the map does not not match - Stick to the reality!

In Sweden, the last PKI-using bank has finally realized that the
unavailability of WebSign standards and readers is a killer
(for everybody) and have subsequently introduced "scratch cards".

A low-tech, fully mobile, but reasonably secure solution that seems
to catch on.

Believe me, PIV, GSI and CAC cards will be obsolete the
very moment Uncle Sam have poured the $BNs needed, as
any medium-range mobile phone will be able to "dock" to a
PC using an NFC/WLAN combo while the mobile CPU itself will
have full TPM capability.  And all this by using default HW + SW.

It is interesting to note that neither banks or governments have any
representation in TrustedComptingGroup:
https://www.trustedcomputinggroup.org/about/members

Yes, we are obviously talking 2010 here, but this is the actual
speed of client-side PKI in the US, like it or not.

For the org-to-org messaging it is still an open question where
it is going.

AndersR

----- Original Message ----- 
From: "Arshad Noor" <arshad.noor@strongauth.com>
To: "PKI TC" <pki-tc@lists.oasis-open.org>
Sent: Thursday, June 16, 2005 20:35
Subject: [pki-tc] DHS RFI


Here is the RFI that specifically excluded PKI from its
Identity Management project - shortsighted in my opinion.
Feel free to let your DHS contacts know of the folly of
ignoring PKI from its IdMS project.  I've already done
so.

Arshad Noor
StrongAuth, Inc.



--------------------------------------------------------------------------------


---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]