OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: fwd: [pki-tc] Call for input: Asia PKIF Forum Panel Discussion

Hi everyone

I'm in Taipei now, about to start the Asia PKI Forum meetings, and making 
last minute preparations! 

These include getting ready for my panel discussion on Thursday regarding 
security, privacy, and cybercrime in the ubiquitous network, as discussed 
a couple of weeks ago. 

Does anyone have any last minute thoughts please on these topics, per my 
request below?  

Absent any feedback from the TC, my remarks to the conference will 
concentrate on the need for EMV and other smartcards to be pushed much 
harder, with embedded PKI for mutual authentication, protecting against 
MITM, phishing and spam, and providing the privacy enhancing options of 
multiple personae, control over one's keys, and decoupling of names from 

Thanks for any input.  Cheers, 

Stephen Wilson.

Forwarded Message:
From:    Stephen Wilson
To:      pki-tc@lists.oasis-open.org
Subject: [pki-tc] Call for input: Asia PKIF Forum Panel Discussion
Date:    Aug 30, 2005

> Dear All
> The next meeting of the Asia PKI Forum (Taipei, September 13-15) 
> a panel discussion about PKI in the "ubiquitous network".  I will be 
> speaking on the panel.  This e-mail is to invite input from the TC on 
> topic. 
> Attached is the panel background.  I will also upload the conference 
> program to the TC pages, for further information. 
> As you can see, there is a certain emphasis on privacy and cybercrime.  
> happen to have been working extensively on these topics in the past 12 
> months, and I have also developed various views about embedded/automated 
> client side PKI.  So my initial thoughts about the panel discussion are 
> listed below.  
> However, I would like to make sure that my presentation is reflective of 
> the PKI TC.  So please let me have your thoughts too. 
> -- NIST and others have concluded that the only way to prevent Man In 
> Middle attack (a major new vector for phishing and id crime) is PKI-
> enabled smartcards.  This is a major indicator of the requisite 
> use of PKI and smartcards to protect privacy and combat cyber crime. 
> -- Further, PKI offers ways to mask identities via anonymous digital 
> certificates in order to deidentify such transactions as electronic 
> records, e-voting, online census collection etc. 
> -- A major trend in PKI deployment worldwide is embedded digital 
> certificates, whereby the technology is no more complex for users than 
> magnetic stripes on regular plastic cards.  Examples include EMV 
> smartcards, e-passports, national identity cards, national health 
> entitlement cards, and set-top cable TV boxes.  
> -- Smartcards (and related mobile devices like cell phones and PDAs) can 
> function as containers for multiple digital credentials.  This means 
> PKI need not lead to a single digital identity, and therefore PKI can be 
> fundamentally privacy-enhancing.  
> Comments are welcome!  If anyone is interested, further details on some 
> these thoughts are at 
> http://www.lockstep.com.au/library/ehealth/a_novel_application_of_pki_sm
> and
> http://www.lockstep.com.au/library/privacy/submission_to_the_2005_senate
> Cheers, 
> Stephen.
> Stephen Wilson
> Lockstep Consulting Pty Ltd
> www.lockstep.com.au
> ABN 59 593 754 482
> 11 Minnesota Ave
> Five Dock NSW 2046
> Australia
> P +61 (0)414 488 851
> --------------------
> About Lockstep 
> Lockstep was established in early 2004 by noted authentication expert 
> Stephen Wilson, to provide independent advice and analysis on cyber 
> security policy, strategy, risk management, and identity management.  
> Lockstep is also developing unique new smartcard solutions to address 
> privacy and identity theft. 
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that
> generates this mail.  You may a link to this group and all your TCs in 
> at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]