Subject: Re: [pki-tc] A Call to Action!

Absolutely! I think it's very important.

The fact that SAML assertions are digitally signed implies embedded or under-the-covers PKI of some sort, doesn't it? How do practical implementations of SAML manage the keys & certs? Is this a great example of how PKI becomes invisible if its peculiarities are absorbed into regular admin functions?

Cheers,

Stephen.

Dee Schur wrote:
> I can probably dig up some potential implementations of SAML on top of PKI.
> Is this of interest? I think the entire healthcare systems in Denmark and
> France are working on this now.
> Dee
>
> -----Original Message-----
> From: Stephen Wilson [mailto:swilson@lockstep.com.au]
> Sent: Thursday, November 01, 2007 1:38 PM
> To: pki-tc@lists.oasis-open.org
> Subject: [pki-tc] A Call to Action!
>
> Dear PKI-TC Members.
>
> We need your help!
>
> We've all 'signed up' to do something collectively to improve
> understanding of PKI, and develop fresh outreach materials. Yet
> progress remains too slow. Only four case studies have been finalised,
> and despite early indications that there was interest in new and
> innovative position papers, we still haven't got any real engagement or
> group discussion happening via the e-mail list.
>
> I have to say frankly that the turnout for yesterday's scheduled
> conference call was extremely disappointing, especially given the
> prompts I sent out the week prior (see below).
>
> Obviously everyone's busy, but we're all in this together, and we all
> agree that education remains a key factor to improving our industry.
>
> I'm appealing to you all to put in two or three hours a month, to make
> the PKIA TC really worthwhile. Let's try to have:
>
> (1) comments and discussion on the list about the references attached
> (or anything else you might have that could inform position papers)
> (2) more case studies (the template is available at the TC member site)
> (3) a good turnout for the next conference call, on the last
> Wednesday in November.
>
> Thanks everyone.
>
> Cheers,
>
> Stephen Wilson
> Chair, OASIS PKI Adoption TC
> Managing Director, Lockstep Group
>
> Phone +61 (0)414 488 851
>
> www.lockstep.com.au
> -------------------
> Lockstep Consulting provides independent specialist advice and analysis
> on identity management, PKI and smartcards. Lockstep Technologies
> develops unique new smartcard technologies to address transaction
> privacy and web fraud.
>
>
> -------- Original Message --------
> Subject: [pki-tc] For discussion at next meeting
> Date: Tue, 23 Oct 2007 04:27:37 +1000
> From: Stephen Wilson <swilson@lockstep.com.au>
> Organization: Lockstep
> To: pki-tc@lists.oasis-open.org
>
> Hello everyone.
>
> Thanks again for those who have produced case studies, we're building up
> a nice set! These will be posted soon on the totally new IDtrust
> Resources Page. Keep up the good work!
>
> Meanwhile I'd like to get some discussion happening at the next PKIA TC
> con call around a new whitepaper or two on strategic issues -- fresh
> thinking in PKI. To get things rolling, I attach two papers on new ways
> to apply PKI and govern it. These are meant only to seed discussion.
>
> I got some good feedback from Peter Alterman on the "Security Printer"
> concept. This is where a CA operates on a wholesale sort of basis,
> producing certificates on request from authorised RAs, targeting
> particular independent applications. A security printer can service
> multiple customers (e.g. different banks for cheques, different concert
> organisers for tickets, different doctors for prescription pads) and
> remain insulated from liabilities arising from misuse of those different
> paper products. The printer's liabilities concern quality of printing,
> protection of special equipment and paper stock, personnel security etc.
>
> All these attributes are strongly analogous to governance of CAs. So
> the "security printer model" suggests we can better define the
> demarcation of RA and CA in the CP/CPS, and generally de-mystify and
> simplify the legal arrangements of CA, RA and Subject.
>
> The other paper is an earlier attempt to re-imagine certificates as
> representing relationships instead of personal identity per se. In the
> current climate, the idea of Relationship Certificates seems to me to
> resonate with "Identity 2.0".
>
> Perhaps a PKIA TC discussion paper that relates 'modern' PKI to Identity
> 2.0 at the policy and governance level would be useful and achievable?
>
> So ... please take an hour or so between now and next week to read and
> think about these issues, and we'll talk on the 31st.
>
> Reminder of the call schedule:
>
> Wed, 31 Oct, 03:00pm ET
> Wed, 28 Nov, 03:00pm ET
> Wed, 26 Dec, 03:00pm ET *** To be re-scheduled because of Boxing Day ***
>
> Cheers,
>
> Stephen Wilson
> Chair, OASIS PKI Adoption TC
> Managing Director, Lockstep Group
>
> Phone +61 (0)414 488 851
>
> www.lockstep.com.au
> -------------------
> Lockstep Consulting provides independent specialist advice and analysis
> on identity management, PKI and smartcards. Lockstep Technologies
> develops unique new smartcard technologies to address transaction
> privacy and web fraud.