[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pki-tc] Question: Best Practice for PKI in a DR situation
OK - so it is one component of PKI Operations he's referring to. While it is conceivable to come up with a "best practice" for PKI Disaster Recovery, it is very heavily dependent on the architecture of the PKI and the software that was used to implement that design. We've noticed that different vendors have quite different ways of dealing with disasters - some that were good, and some that were completely unacceptable, requiring unconventional ways to recover. Trying to build a single document that covers so much variability can be daunting - unless we assume a "best practice" for PKI architecture, based on "best practice" policies, and implements "best practice" operations and business processes. I beleive the ISO is circulating something along these lines right now - I just received this reference on another newsgroup: "International Organization for Standardization's >>Draft of International Standard 21188 "Public key infrastructure for >>financial services - Practices and policy framework." It was released for >>comment and approval in March. Voting ends on August 30th." Any possibility that OASIS can get this document and circulate it to the PKI-TC for review, and perhaps, comment? Arshad Noor StrongAuth, Inc. June Leung wrote: > Hi Arshad, > He was referring to CA Recovery in an emergency situation, such as 911. > Thanks, > June > > > June Leung, CISSP > PKI Department > FundSERV Inc. > 1700 - 130 King Street West > Toronto ON > M5X 1E5 > T. 416.350.2516 > F. 416.362.6668 > > -----Original Message----- > From: Arshad Noor [mailto:arshad.noor@strongauth.com] > Sent: Thursday, August 04, 2005 5:18 PM > To: pki-tc@lists.oasis-open.org > Subject: Re: [pki-tc] Question: Best Practice for PKI in a DR situation > > > What best practices is your colleague referring to, June? > PKI policies, architecture, implementation, operations or business > processes? > > While we tend to use certian well-honed design principles > and techniques, we've had to modify them every single time > to account for unique customer policies and constraints. > > Arshad Noor > StrongAuth, Inc. > > > June Leung wrote: > >>Hello everyone, >>A colleague recently asked me if I know of any best practices for PKI >>exists in OASIS. I personally don't think one exists in OASIS, but is > > >>there one exists somewhere else? If not, maybe it's something the PKI > > >>TC can produce. Your feedback is appreciated. >>Thanks, >>June >> >>June Leung, CISSP >>PKI Department >>FundSERV Inc. >>1700 - 130 King Street West >>Toronto ON >>M5X 1E5 >>T. 416.350.2516 >>F. 416.362.6668 >> >> >>--------------------------------------------------------------------- >>To unsubscribe from this mail list, you must leave the OASIS TC that >>generates this mail. You may a link to this group and all your TCs in > > >>OASIS >>at: >>https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php > > > > --------------------------------------------------------------------- > To unsubscribe from this mail list, you must leave the OASIS TC that > generates this mail. You may a link to this group and all your TCs in > OASIS > at: > https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]