OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pki-tc message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: re:[pki-tc] Whither PKI-TC? (was Meeting tomorrow)



Arshad

Nice summary, thanks very much. 

Regarding the suggested change to the voting rules, I would just like to
put a contrary and cautious view, particularly in light of how small our
group is.  I think we need somehow to enourage long term and consistent
engagement with the committee.  There may be risk if it is too easy for
people with relatively little commitment to the group to vote on issues as
they see fit, perhaps capriciously, thus exercising disproportionate power.
 A great deal gets accomplished by live engagement in the meetings.  I
think a consistent level of live engagement in meetings should be a
pre-requisite to being able to vote.  

Cheers, 

Stephen.


Stephen Wilson
Lockstep Consulting Pty Ltd
www.lockstep.com.au
ABN 59 593 754 482

11 Minnesota Ave
Five Dock NSW 2046
Australia

P +61 (0)414 488 851

--------------------

About Lockstep 
Lockstep was established in early 2004 by noted authentication expert
Stephen Wilson, to provide independent specialist advice and analysis on
identity management, PKI and smartcards.  Lockstep is also developing
unique new smartcard solutions to address privacy and identity theft. 



> I've heard some great feedback from the forum - over e-mail and
> in the meeting - and I'm going to try to summarize what I heard.
> Please correct me if I've misinterpreted/missed anything:
> 
> * Our charter is very broad and could encompass creating
>    technical standards for the use of PKI, if appropriate;
> 
> * We ned to consider changing the rule that "punishes" voting
>    members if they don't attend 2 consecutive meetings;
> 
> * We need to create a better perception of PKI, relative to
>    other security technologies;
> 
> * We need to sharpen our message about PKI and the benefits it
>    brings to business;
> 
> * We need to continue addressing the concerns raised in the PKI
>    survey from 3 years ago - especially cost, user interfaces and
>    technical understanding;
> 
> * Application guidelines are missing for integrating PKI, thus
>    leading to non-standard implementations; the absence of
>    "universal, open source, cross-platform API(s)" creates the
>    biggest hurdles for use of PKI outside IA&A.
> 
> I may have missed some other messages, so please send them to
> this list so we can add them to this summary.
> 
> I see these statements falling into 3 categories:
> 
> 1) Administrative - (rule change about missing meetings), which
>     we can change based on a vote, I imagine;
> 
> 2) Communications - better articulation of our message towards
>     creating a more favorable perception of PKI; and
> 
> 3) Application guidelines - the lack thereof.
> 
> I'd like to get some feedback to this initial summarization.  If
> the TC believes that this summary is on target, I'd like us to
> think of project propsals to address these statements, as a next
> step.
> 
> Thank you.
> 
> Arshad Noor
> StrongAuth, Inc.
> 
> 
> Arshad Noor wrote:
> > Friends,
> > 
> > Since tomorrow is the first meeting that I will be conducting
> > as the new chair, I wanted to take the opportunity for us to
> > have a discussion around the TC's future.  Since I'm not sure
> > everyone is on the Member Section alias (I'm not - and I'm not
> > sure why), I'm sending you a message that I sent there last
> > week to help spur some discussion tomorrow on this subject.
> > 
> > Whether you're a regular participant to the TC meetings or
> > not, I'd like to invite you to attend this session tomorrow
> > to provide some input on the two topics outlined below.
> > 
> > If you cannot join us due to other commitments, please send
> > us your feedback on this list, so we can incorporate it into
> > our discussion.
> > 
> > As the internet gets more dangerous and awareness increases
> > amongst software developers/architects, I strongly believe
> > that the use of public-key cryptograpy is on the threshold
> > of a new dawn.  I'm hoping that you can join us in taking
> > advantage of this new awareness, and in helping shape the
> > way the technology can help your company or you, personally.
> > 
> > The topics I'd like to discuss tomorrow are:
> > 
> > 1) As a technical committee, what technology standards do we
> >    establish given that PKIX establishes international technical
> >    standards for PKI, and W3C has established XMLSignature,
> >    XMLEncryption and XKMS as standards?  What value do we
> >    add to the field of PKI to justify our existence?
> > 
> > 2) The TC conducted a survey 2-3 years ago that highlighted
> >    why people were not using PKI.  Yet, many countries around
> >    the world, the US Federal Government, the cable/satellite
> >    industry, the DRM world all use PKI in one form or another.
> >    What is the real reason that the general business
> >    applications/IT developers shun PKI?  (Being an applications
> >    developer myself, I have some notions on this that I'd like
> >    to discuss in the TC, but I want to hear from everybody else
> >    first).
> > 
> > We may not have enough time to cover this discussion tomorrow,
> > but I hope to begin it over e-mail, and continue on the phone
> > and e-mail.  Ann Terwilliger has kindly arranged for a toll-free
> > number (in the US) for this meeting.  It is:
> > 
> > Date/Time:     MAY, 17 2006 at 9:00 AM America/Los_Angeles
> > Length:        60
> > Meeting ID:    3661
> > Phone Number:    877-847-2001 (USA & Canada) or 650-432-0111
> > 
> > I hope to hear from you.  Thank you.
> > 
> > Arshad Noor
> > StrongAuth, Inc.



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]