|Shivangi Nadkarni||May 15, 2004 2:46 am|
|Steve Hanna||May 17, 2004 8:26 am|
|Shivangi Nadkarni||May 18, 2004 1:16 am|
|Steve Hanna||May 18, 2004 5:55 am||.bin|
|Steve Hanna||May 18, 2004 11:05 am||.bin|
|Steve Hanna||May 18, 2004 1:49 pm||.bin|
|Yu, Jiafu||May 18, 2004 2:25 pm|
|Steve Hanna||May 19, 2004 6:14 am||.bin|
|Subject:||FW: [pki-askvendors] Revised Ask Vendors survey|
|From:||Shivangi Nadkarni (shiv...@safescrypt.com)|
|Date:||May 15, 2004 2:46:08 am|
Here are some comments from my end...
-----Original Message----- From: Steve Hanna [mailto:Stev...@Sun.COM] Sent: Tuesday, May 11, 2004 2:02 AM To: PKI TC Ask Vendors SC Subject: [pki-askvendors] Revised Ask Vendors survey
I have revised the draft Ask Vendors survey, which is to be sent to product managers or other contacts at key software application vendors, investigating what would help them add PKI support to their products.
Please review this and respond with comments as soon as possible. Then we can revise it and send it to the PKI TC for review.
Subject: PKI Support in Your Products
Please forward this email to the Product Manager for your ??? product or someone else who has insight into the process by which the feature set for this product is chosen.
Shivangi>>> Do we need to give a small intro here saying we are
writing to you from the OASIS PKI Technical Committee which is looking at ways and means of making PKI easy to use......etc....? Just to ensure that the person who receives this doesnt trash the mail, especially if he/she is not the concerned person to whom the survey is targetted.
Or is is that these folks have already been contacted so they dont need a repeat?
Steve Hanna Co-chair, OASIS PKI Technical Committee
In our recent survey of Public Key Infrastructure (PKI) users and experts, the OASIS PKI Technical Committee found that the primary obstacle to PKI deployment and usage was "Software Applications Don't Support It". Textual comments indicated that many applications have no PKI support and that, when present, application PKI support differs widely and is often incompatible. This makes it very hard for users to deploy PKI. They must spend large amounts of money customizing applications to work in their PKI installation.
The OASIS PKI TC has developed a PKI Action Plan in response to the survey results. One of the Action Items in this plan calls for us to "Ask Application Vendors What They Need" to provide better PKI support. Then we will work to provide whatever's lacking.
So we'd like to ask you to complete the following short survey exploring what could be done to help you provide better support for PKI (Public Key Infrastructure).
Why is this worth your valuable time? The market for PKI enabled applications is potentially quite large. The U.S. Department of Defense is now deploying PKI enabled smart cards to 4 million workers. Deployment at the FBI is under way and discussions have begun on extending the system throughout the U.S. government. Corporate adoption of PKI enabled smart cards is picking up with large companies like Johnson and Johnson and Sun Microsystems leading the way.
Shivangi>>> At a global level also, much of Europe and Asia have PKI
initiatives and E-Signature legislations that directly or indirectly propagate PKI
(Sorry - cudnt resist adding a bit of "non-US" centric point in your note ;-))
Enough preliminaries. Here's the survey. Please complete it and return it to me for tabulation. If you have any questions, please don't hesitate to ask me. And note that we will keep all your responses confidential. Only overall summaries will be released.
Steve Hanna Co-chair, OASIS PKI Technical Committee
P.S. If you would like to review our PKI Action Plan, please do so. It is available from http://www.oasis-open.org/committees/pki/pkiactionplan.pdf That document includes URLs for the results from our previous surveys.
Vendor Survey on PKI Support OASIS PKI Technical Committee
1) Does your company currently sell products with PKI support? If so, which ones?
2) Which of the items listed below would be most important to your company in deciding whether to add or improve PKI support in your products?
Please divide 100 points among these categories in any way you like to indicate which would be most important in making your decision.
__ Solid customer demand (projected revenue increase) __ Better PKI-related standards __ Interoperability tests __ PKI support in platforms (Windows, Java, etc.) __ Cross-platform PKI libraries __ Training __ Other (please describe)
3) If the items you marked in the last question were provided, do you expect that your company would decide to add or improve PKI support in your products?
__ Yes __ No __ Maybe
4) Do you have any other comments to add, especially about adding PKI support to your company's products?
5) What is your job title?
Shivangi>>>>> Steve, is this survey targetted at those orgns who
already have PKI support built in for their products or for those who do not currently have support but are "candidates" for the same? If it is going to be answered by people who already have some level of support built in (thats the impression I got from the list of vendors u've circulated), then there shud be a few more questions for them like :
-Are you happy with the PKI functionality/ features built into your product? If not, what specific areas would you like to enhance/ improve? -Are the existing standards in PKI sufficient for building your applications? Did you feel constrained at any point in time by the lack of/ incompleteness of standards? -Did you have to take any decisions to do some amount of "proprietary implementation" to overcome lack of a standard specification? Would you like to share that with us?
These were some thoughts that came to my mind while going thru your mail. If I have any more bursts of inspiration, will let you know.