

Subject: Re: [pki-tc] A Call to Action!



Absolutely!  I think it's very important.  The fact that SAML assertions 
are digitally signed implies embedded or under-the-covers PKI of some 
sort doesn't it?  How do practical implementations of SAML manage the 
keys & certs?   Is this a great example of how PKI becomes invisible if 
its peculiarities are absorbed into regular admin functions?

Cheers,

Stephen.



Dee Schur wrote:
> I can probably dig up some potential implementations of SAML on top of PKI.
> Is this of interest? I think the entire healthcare systems in Denmark and
> France are working on this now.
> Dee
> 
> -----Original Message-----
> From: Stephen Wilson [mailto:swilson@lockstep.com.au] 
> Sent: Thursday, November 01, 2007 1:38 PM
> To: pki-tc@lists.oasis-open.org
> Subject: [pki-tc] A Call to Action!
> 
> 
> Dear PKI-TC Members.
> 
> We need your help!
> 
> We've all 'signed up' to do something collectively to improve 
> understanding of PKI, and develop fresh outreach materials.  Yet 
> progress remains too slow.  Only four case studies have been finalised, 
> and despite early indications that there was interest in new and 
> innovative position papers, we still haven't got any real engagement or 
> group discussion happening via the e-mail list.
> 
> I have to say frankly that the turnout for yesterday's scheduled 
> conference call was extremely disappointing, especially given the 
> prompts I sent out the week prior (see below).
> 
> Obviously everyone's busy, but we're all in this together, and we all 
> agree that education remains a key factor to improving our industry.
> 
> I'm appealing to you all to put in two or three hours a month, to make 
> the PKIA TC really worthwhile.  Let's try to have:
> 
> (1) comments and discussion on the list about the references attached
>      (or anything else you might have that could inform position papers)
> (2) more case studies (the template is available at the TC member site)
> (3) a good turnout for the next conference call, on the last
>      Wednesday in November.
> 
> Thanks everyone.
> 
> Cheers,
> 
> Stephen Wilson
> Chair, OASIS PKI Adoption TC
> Managing Director, Lockstep Group
> 
> Phone +61 (0)414 488 851
> 
> www.lockstep.com.au
> -------------------
> Lockstep Consulting provides independent specialist advice and analysis 
> on identity management, PKI and smartcards.  Lockstep Technologies 
> develops unique new smartcard technologies to address transaction 
> privacy and web fraud.
> 
> 
> -------- Original Message --------
> Subject: [pki-tc] For discussion at next meeting
> Date: Tue, 23 Oct 2007 04:27:37 +1000
> From: Stephen Wilson <swilson@lockstep.com.au>
> Organization: Lockstep
> To: pki-tc@lists.oasis-open.org
> 
> 
> Hello everyone.
> 
> Thanks again for those who have produced case studies, we're building up
> a nice set!  These will be posted soon on the totally new IDtrust
> Resources Page.  Keep up the good work!
> 
> 
> Meanwhile I'd like to get some discussion happening at the next PKIA TC
> con call around a new whitepaper or two on strategic issues -- fresh
> thinking in PKI.  To get things rolling, I attach two papers on new ways
> to apply PKI and govern it.  These are meant only to seed discussion.
> 
> I got some good feedback from Peter Alterman on the "Security Printer"
> concept.  This is where a CA operates on a wholesale sort of basis,
> producing certificates on request from authorised RAs, targeting
> particular independent applications.  A security printer can service
> multiple customers (e.g. different banks for cheques, different concert
> organisers for tickets, different doctors for prescription pads) and
> remain insulated from liabilities arising from misuse of those different
> paper products.  The printer's liabilities concern quality of printing,
> protection of special equipment and paper stock, personnel security etc.
> 
> All these attributes are strongly analogous to governance of CAs.  So
> the "security printer model" suggests we can better define the
> demarcation of RA and CA in the CP/CPS, and generally de-mystify and
> simplify the legal arrangements of CA, RA and Subject.
> 
> The other paper is an earlier attempt to re-imagine certificates as
> representing relationships instead of personal identity per se.  In the
> current climate, the idea of Relationship Certificates seems to me to
> resonate with "Identity 2.0".
> 
> Perhaps a PKIA TC discussion paper that relates 'modern' PKI to Identity
> 2.0 at the policy and governance level would be useful and achievable?
> 
> So ... please take an hour or so between now and next week to read and
> think about these issues, and we'll talk on the 31st.
> 
> Reminder of the call schedule:
> 
> Wed, 31 Oct, 03:00pm ET
> Wed, 28 Nov, 03:00pm ET
> Wed, 26 Dec, 03:00pm ET *** To be re-scheduled because of Boxing Day ***
> 
> Cheers,
> 
> Stephen Wilson
> Chair, OASIS PKI Adoption TC
> Managing Director, Lockstep Group
> 
> Phone +61 (0)414 488 851
> 
> www.lockstep.com.au
> -------------------
> Lockstep Consulting provides independent specialist advice and analysis
> on identity management, PKI and smartcards.  Lockstep Technologies
> develops unique new smartcard technologies to address transaction
> privacy and web fraud.
> 

