[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: For discussion at next meeting
Hello everyone. Thanks again for those who have produced case studies, we're building up a nice set! These will be posted soon on the totally new IDtrust Resources Page. Keep up the good work! Meanwhile I'd like to get some discussion happening at the next PKIA TC con call around a new whitepaper or two on strategic issues -- fresh thinking in PKI. To get things rolling, I attach two papers on new ways to apply PKI and govern it. These are meant only to seed discussion. I got some good feedback from Peter Alterman on the "Security Printer" concept. This is where a CA operates on a wholesale sort of basis, producing certificates on request from authorised RAs, targeting particular independent applications. A security printer can service multiple customers (e.g. different banks for cheques, different concert organisers for tickets, different doctors for prescription pads) and remain insulated from liabilities arising from misuse of those different paper products. The printer's liabilities concern quality of printing, protection of special equipment and paper stock, personnel security etc. All these attributes are strongly analagous to governance of CAs. So the "security printer model" suggests we can better define the demarcation of RA and CA in the CP/CPS, and generally de-mystify and simply the legal arrangements or CA, RA and Subject. The other paper is an earlier attempt to re-imagine certificates as representing relationships instead of personal identity per se. In the current climate, the idea of Relationship Certificates seems to me to resonate with "Identity 2.0". Perhaps a PKIA TC discussion paper that relates 'modern' PKI to Identity 2.0 at the policy and governance level would be useful and achievable? So ... please take an hour or so between now and next week to read and think about these issues, and we'll talk on the 31st. Reminder of the call schedule: Wed, 31 Oct, 03:00pm ET Wed, 28 Nov, 03:00pm ET Wed, 26 Dec, 03:00pm ET *** To be re-scheduled because of Boxing Day *** Cheers, Stephen Wilson Chair, OASIS PKI Adoption TC Managing Director, Lockstep Group Phone +61 (0)414 488 851 www.lockstep.com.au ------------------- Lockstep Consulting provides independent specialist advice and analysis on identity management, PKI and smartcards. Lockstep Technologies develops unique new smartcard technologies to address transaction privacy and web fraud.
Lockstep WP03 CA as Security Printer (1.1).pdf
Lockstep WP02 RelationCerts Model (1.4).pdf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]