|Subject:||Re: [pki-tc-chair] Oasis PKI contact list|
|From:||Steve Hanna (Stev...@Sun.COM)|
|Date:||Mar 17, 2004 11:19:16 am|
bin00006.bin - 3k
I have reviewed the paper you sent yesterday.
Speaking as the PKI TC co-chair, I think you should get in touch with our Education Subcommittee. The paper may be useful as a resource in this group's work (gathering and supplementing educational materials on PKI). June Leung of FundSERV is the chair of this SC. I have sent her a copy of your paper and cc'd her on this email.
Speaking as an individual, I agree that PKI has great value in high-volume applications with automated processing. However, I think that it can also have significant value in other situations, such as identifying individuals in a multi-application high-security business environment like financial services. June may want to comment on this, since it's FundSERV's business.
I also agree that it's not realistic (and perhaps not desirable) to expect a single credential to serve for all purposes. However, I think there are situations where a credential may be multi-use. For instance, the Sun employee ID card can be used for building access, purchasing items in our cafeteria, logging in to our machines, authenticating to corporate software systems, accessing the corporate VPN, etc. Through a federated identity system or cross-certification, we may soon be able to use our ID card for accessing external systems as well (such as travel reservations).
The main downsides to requiring separate credentials for separate systems are: greater cost of issuance and management, difficulty keeping separate credential systems up to date, and less convenience to the user (who must carry several cards and remember several activation PINs). That's why Sun consolidated on a single employee ID. I'd like to see this reflected in your document.
Steve Hanna wrote:
Thanks for sending your paper directly. I will review it and get you comments.
I look forward to hearing more from you after you finish reading the PKI Action Plan.
Stephen Wilson wrote:
Some sort of informal staying-in-touch would be great, in lieu of my formal joining of Oasis. I intend to join so just as soon as my cash flow becomes positive. Or even just a bit less negative.
At my last place of work we were not Oasis members either but I got involved with the first obstacles Survey and the follow up survey. So I am keen to stay in touch. Supporter status may be a good option too, just give me some time to digest the Action Plan.
Sorry about the link to my paper not working for you. It seems ok at this end. But the paper is attached this time just in case.
Talk soon. Cheers,
Thanks for your note, Stephen. I have updated your contact information in my address book.
In order to add your name to the PKI TC email list, I'm afraid that you need to be an OASIS member. You can join OASIS as an individual for US$250 per year. If that's not possible, you can follow discussions through the web archives but you won't be able to participate. :-(
We are looking into the possibility of having a pki-tc-interest list that we can use to send announcements to interested parties, but that's not ready yet.
One thing that you *can* do without being an OASIS member is to read our PKI Action Plan at http://www.oasis-open.org/committees/pki/pkiactionplan.pdf If you like it, you can sign on as a supporter and we'll list you as such in the next version of the PKI Action Plan. Let me know if you want to do so.
P.S. I could not access the document at www.aitsf.aeema.asn.au/resources/doc/documents_10.pdf Maybe there's a typo in the URL?
Stephen Wilson wrote:
I would like to update my contact details please on the Oasis PKI list. I was in close contact through much of 2003 on the survey and the implementation plan. I left my previous employer and have set up a new independent consultancy "Lockstep". My strong interests remain in PKI, cross broder PKI, embedded PKI, smartcards etc.
Is it possible to have my new email address added to the list? And let me register my interest too in remaining involved. Much as I would like to formally join Oasis, it isn't possible yet with my fledgling business.
John Sabo: you may recall we met a couple of times way back when I was with PwC. I used to chair the Certification Forum of Australia and in that capacity made a keynote presentation at the PKI Forum meeting in Sydney in 2000 on a new international PKI model.
A recent expression of my views is in www.aitsf.aeema.asn.au/resources/doc/documents_10.pdf
I've been working recently on a comparison of the US Federal Bridge and a community-of-interest specific approach. Are these topics of interest? Perhaps we can correspond.
Looking forward to news. Cheers,
Stephen Wilson Lockstep Consulting ABN 59 593 754 482
11 Minnesota Ave Five Dock NSW 2046 Australia
P +61 (0)414 488 851
To unsubscribe from this mailing list (and be removed from the roster
of the OASIS TC),go tohttp://www.oasis-open.org/apps/org/workgroup/pki-tc- chair/members/leave_workgroup.php.[attachment]
-- <Put email footer here>
Name: AITSF PKI Position
Statement.pdf AITSF PKI Position Statement.pdf Type: Acrobat (application/pdf) Encoding: base64 Download Status: Not downloaded with message
To unsubscribe from this mailing list (and be removed from the roster of the
OASIS TC), go to