[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [pki-tc] Closure of TC?
Hi Stephen, Thank you for the hard work that you've done as Chair of the TC. It is sad to see the closure of this TC but as we all know, the time has come. Keep in touch and look forward to work with you in the future. June This message contains information which may be confidential and privileged. Unless you are the intended addressee (or authorized to receive for the intended addressee), you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by e-mail then delete the message immediately. Francais: http://www.fundserv.com/francais/legal/disclaimer_email_ib.shtml -----Original Message----- From: Arshad Noor [mailto:arshad.noor@strongauth.com] Sent: Thursday, October 23, 2008 7:52 PM To: swilson@lockstep.com.au Cc: mary mcrae; pki-tc@lists.oasis-open.org; ekmi Subject: Re: [pki-tc] Closure of TC? Good thoughts, Stephen. I concur with your sentiments. PKI is much maligned, misunderstood and misrepresented. But the people who know it and understand it, quietly soldier on, using it where it makes sense, to solve problems that cannot be solved easily with other technologies. Since the OASIS Enterprise Key Management Infrastructure TC has always maintained that PKI is one of two major components of an EKMI (SKMS being the other one), something that we may all want to consider, is if the content of PKI TC and some part of its mission (education, guidelines, etc.) should be subsumed as a sub-committee within EKMI. I'm not sure what the OASIS rules are about this, but I think there are enough people within the EKMI TC who recognize and understand the value of PKI, and see it being a natural part of an enterprise's key-management infrastructure. Arshad ----- Original Message ----- From: "Stephen Wilson" <swilson@lockstep.com.au> To: "mary mcrae" <mary.mcrae@oasis-open.org>, pki-tc@lists.oasis-open.org Sent: Wednesday, October 22, 2008 10:58:33 PM (GMT-0800) America/Los_Angeles Subject: Re: [pki-tc] Closure of TC? Thanks Mary. Firstly, I have been remiss as Chair in my prevarication over alerting the membership to the likely closure of the PKI Adoption TC. For this I apologise. Yet it is surely obvious to all remaining members of the PKIA TC that the group has been sub-critical for a long time. The IDtrust Member Section Steering Committee has discussed the situation over several cycles and has consulted closely with me. Our considered position is that adoption of PKI has in most places got to the point that it no longer captures the imagination sufficient to energise the TC. Over the years, the OASIS PKI TC and the Member Section, as well as the PKI Forum before it, have played a very significant role in the promotion and facilitation of public key technologies. Many of the deliverables live on as valuable contributions to the field. I would like to suggest that we can be jointly proud of our efforts. So, I do believe it is timely and appropriate to close the PKIA TC. Having said that, my personal position is that PKI adoption does in fact still suffer from impediments that we as an industry could still do more to overcome. Chief amongst these is a pervasive cynicism about -- or even antagonism towards -- PKI. True story: Only yesterday I attended a meeting where a handful of CTOs were complaining that they "hated digital certificates". I challenged them them to expand on their comments, because I said that there are all manner of certificates in use and it's not sensible to write them off in one sweeping generalisation. It's a category error; I said it's like saying "I hate operating systems" when all you might have experienced is MS-DOS. But their expansions were bizarre and indicated a true naivety. Their comments included "when someone steals your PC, they steal your certificate", or "they are no more secure than a user name and password" [overlooking the special security enforcing functions of digital signatures even with soft keys], or "they don't even have passwords", or "they expire without any warning", or "what I meant was *personal* certificates". So I could see that these guys had poor experiences about very specific instances of PKCs, and were blithely extrapolating with no sense of perspective or evolution. I asked if any of them were using Skype; they all said yes. I pointed out they were all therefore using personal 'soft' certificates every day, and that they should therefore try and nuance their critiques. Another pertinent anecdote comes from a current client of mine, an Asian Government, that is looking at PKI regulatory reform. They complained to me of disappointing take up rates of certificates; they hypothesise that 'in their culture', people prefer to do business in person. I told them that if anyone thinks that certificates should replace in-person business, then they are ill advised. Certificates are best for automating routine formalised paperless transactions between parties in a defined context, and are not of much use at all for two strangers getting to know one another. So, it is clear to me that much work remains to be done to facilitate the adoption of PKI. The question is, how best to ground the next wave of promotional, educational and strategic activities? I for one will mull this over in coming months. Meanwhile, unless there is a sudden wave of contrary voices, as Chair I would like to recommend to Mary that OASIS commence formal closure of the PKI Adoption TC, and initiate any necessary formalities. With thanks to all OASIS PKI[A] TC members, past and present, Stephen. Stephen Wilson Chair, OASIS PKI Adoption TC Managing Director, Lockstep Group Phone +61 (0)414 488 851 www.lockstep.com.au ------------------- Lockstep Consulting provides independent specialist advice and analysis on identity management, PKI and smartcards. Lockstep Technologies develops unique new smartcard technologies to address transaction privacy and web fraud. Mary McRae wrote: > Hi everyone, > > > > I notice that there are only*/ /* 4 voting members, and that there > have been no real activity on the mail list for quite some time. I > know at one point the TC was considering shutting down. > > > > According to OASIS Policy: > > ---- > > *2.15 Closing a TC* > > > > A TC may be closed by Full Majority Vote of the TC, by Resolution of > the OASIS Board of Directors, or by the OASIS TC Administrator. > > > > The TC Administrator must close a TC that has completed the > deliverables listed in its Charter if the TC does not add new > deliverables or that fails to elect a Chair for the period provided in Section 2.7. > > > > The TC Administrator may close a TC that fails to conduct at least one > Quorate Meeting or conduct any Specification Ballots during any six > month period; whose membership falls below the Minimum Membership; > which has not completed its deliverables within the schedule listed in > its Charter; or which has failed to show progress towards achieving > its purpose as defined by its Charter. > > ---- > > > > Should we begin the process of shutting down this group? > > > > Regards, > > > > Mary > > > > ___________________________________________________________ > > Mary P McRae > > Director, Technical Committee Administration > > OASIS: Advancing open standards for the information society > > email: mary.mcrae@oasis-open.org <mailto:mary.mcrae@oasis-open.org> > > web: www.oasis-open.org <http://www.oasis-open.org/> > > phone: 1.603.232.9090 > > twitter: fiberartisan > > > --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]