Subject: re:[pki-tc] PKI TC - Deliverables
Personally I think that login and e-mail are actually very awkward applications of PKI and do not represent best practice. There are many many other live applications that do represent best practice:

- Austria's system for lodging all company registrations online with digital signatures (2.5M Secure Signature Creation Devices in regular use)
- USPTO online patent lodgement (a few thousand I think)
- Pan Asia Alliance cross border trade documentation (200,000 active certs)
- Australian Tax Office business tax returns (100,000)
- Australian Health eSignature Authority (soon to expand rapidly into PKI-enabled smartcards for healthcare professionals)
- Electronic Conveyancing Victoria (in advanced planning stage)
- Taiwanese Playsafe gaming card (10,000 pilot, planned to expand to 5M)
- Visa/Mastercard 3D Secure (numbers?)
- Open Cable embedded certs in set-top boxes (millions?)
- Electronic Certificate of Origin (ECO) projects in Japan, Korea, Sing
- US FIPS-201 PIV card (PKI applications yet to be announced as far as I know BUT NIST has stated that PKI is essential to resist Man In The Middle attack, so one presumes that a whole raft of applications will soon be built around the powerful embedded multi-certificate capability of the smartcard).

Whether or not these applications have been documented to Anders' satisfaction is another question.

A minimalist approach would be to write these up as case studies (and indeed, the Asia PKI Forum has asked the PKI TC to contribute to its Case Book, which has been posted to the Members Website already).

A slightly greater effort could be put into abstracting what it is about these applications that makes them amenable to PKI, and then we could write up a guideline or a manual to guide application selection and certificate implementation.

Cheers,

Stephen.

Stephen Wilson
Lockstep Consulting Pty Ltd
www.lockstep.com.au
ABN 59 593 754 482
11 Minnesota Ave
Five Dock NSW 2046
Australia
P +61 (0)414 488 851

--------------------

About Lockstep

Lockstep was established in early 2004 by noted authentication expert Stephen Wilson, to provide independent advice and analysis on cyber security policy, strategy, risk management, and identity management. Lockstep is also developing unique new smartcard solutions to address privacy and identity theft.

> Dear List,
>
> Here is an extract from the current charter
>
> http://www.oasis-open.org/committees/pki/charter.php
>
> List of Deliverables
>
> A very wide range of topics will be addressed by the TC, and it is expected that several sub-committees will be formed. TC deliverables will include:
>
> a.. business implementation guideline white papers
> b.. technical implementation guideline white papers
> c.. best practice and sample implementations
> d.. applications white papers forums for networking, information sharing and implementation of PKI-related projects
> e.. solutions showcase
>
> However, to date, no authoritative party has described in clear and implementable ways how you could apply PKI to processes outside of e-mail and login.
>
> If this still is a goal, I would like to know how the PKI-TC is supposed to carry out a mission nobody else has managed to do.
>
>
> Anders Rundgren