[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [pki-tc] Meeting tomorrow
Arshad, I am at a meeting in Ottawa and may not be able to break for the meeting, but I believe you are asking good questions about what direction the PKI TC should move in. The PKI TC is unusual for OASIS because it is a continuation of the old PKI Forum, which, except for some work on attempting to harmonize certificate management protocols, essentially was a forum for vendors and users to come together and look at PKI from a number of "business" perspectives - policies, business process and value, general technical understanding, etc. There was a technical committee which did a lot of cross vendor work, but it worked with standards and certainly didn't write them. The PKI TC charter essentially reflects this business/usage focus and is very broad, allowing a large variety of initiative depending on member interest. Like other industry organizations, the work of the PKI TC is member-driven. So you are right on target to start this discussion and develop a new plan for the TC, especially at a time when security vulnerabilities and threats continue to rise, and risks more complex to manage. One general area of possible focus - addressing how PKI be of use in better risk management given today's networking risks, especially document spoofing (phishing), social engineering attacks, and document/web authenticity requirements? John __________________________________ John T. Sabo, CISSP Director, Security and Privacy Initiatives CA Tel: +1 703-708-3037 Mobile: +1 443-629-6198 Fax: +1 703-709-4820 ------------------------------------ This e-mail message is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. -----Original Message----- From: Arshad Noor [mailto:arshad.noor@strongauth.com] Sent: Tuesday, May 16, 2006 2:10 PM To: PKI TC Subject: [pki-tc] Meeting tomorrow Friends, Since tomorrow is the first meeting that I will be conducting as the new chair, I wanted to take the opportunity for us to have a discussion around the TC's future. Since I'm not sure everyone is on the Member Section alias (I'm not - and I'm not sure why), I'm sending you a message that I sent there last week to help spur some discussion tomorrow on this subject. Whether you're a regular participant to the TC meetings or not, I'd like to invite you to attend this session tomorrow to provide some input on the two topics outlined below. If you cannot join us due to other commitments, please send us your feedback on this list, so we can incorporate it into our discussion. As the internet gets more dangerous and awareness increases amongst software developers/architects, I strongly believe that the use of public-key cryptograpy is on the threshold of a new dawn. I'm hoping that you can join us in taking advantage of this new awareness, and in helping shape the way the technology can help your company or you, personally. The topics I'd like to discuss tomorrow are: 1) As a technical committee, what technology standards do we establish given that PKIX establishes international technical standards for PKI, and W3C has established XMLSignature, XMLEncryption and XKMS as standards? What value do we add to the field of PKI to justify our existence? 2) The TC conducted a survey 2-3 years ago that highlighted why people were not using PKI. Yet, many countries around the world, the US Federal Government, the cable/satellite industry, the DRM world all use PKI in one form or another. What is the real reason that the general business applications/IT developers shun PKI? (Being an applications developer myself, I have some notions on this that I'd like to discuss in the TC, but I want to hear from everybody else first). We may not have enough time to cover this discussion tomorrow, but I hope to begin it over e-mail, and continue on the phone and e-mail. Ann Terwilliger has kindly arranged for a toll-free number (in the US) for this meeting. It is: Date/Time: MAY, 17 2006 at 9:00 AM America/Los_Angeles Length: 60 Meeting ID: 3661 Phone Number: 877-847-2001 (USA & Canada) or 650-432-0111 I hope to hear from you. Thank you. Arshad Noor StrongAuth, Inc. --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. You may a link to this group and all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]