OASIS PKI TC Ask Vendors SC Survey DRAFT - May 18, 2004 Subject: PKI Support in Your Products We, the OASIS PKI Technical Committee, are working to improve Public Key Infrastructure (PKI) and to remove obstacles to PKI deployment and usage. Since your company has a product relevant to PKI, we'd like to ask for a small amount of assistance. Please forward this email to the Product Manager for your ??? product or someone else who has insight into the process by which the feature set for this product is chosen. Thanks, Steve Hanna Co-chair, OASIS PKI Technical Committee ------------- Dear Sir/Madam, In our recent survey of Public Key Infrastructure (PKI) users and experts, the OASIS PKI Technical Committee found that the primary obstacle to PKI deployment and usage was "Software Applications Don't Support It". Textual comments indicated that many applications have no PKI support and that, when present, application PKI support differs widely and is often incompatible. This makes it very hard for users to deploy PKI. They must spend large amounts of money customizing applications to work in their PKI installation. The OASIS PKI TC has developed a PKI Action Plan in response to the survey results. One of the Action Items in this plan calls for us to "Ask Application Vendors What They Need" to provide better PKI support. Then we will work to provide whatever's lacking. So we'd like to ask you to complete the following short survey exploring what could be done to help you provide better support for PKI (Public Key Infrastructure). Why is this worth your valuable time? The market for PKI enabled applications is potentially quite large. The U.S. Department of Defense is now deploying PKI enabled smart cards to 4 million workers. Deployment at the FBI is under way and discussions have begun on extending the system throughout the U.S. government. In Europe, Asia, and around the world, PKI initiatives are under way and in some cases large and well established. Corporate adoption of PKI enabled smart cards is picking up with large companies like Johnson and Johnson and Sun Microsystems leading the way. Enough preliminaries. Here's the survey. Please complete it and return it to me for tabulation. If you have any questions, please don't hesitate to ask me. And note that we will keep all your responses confidential. Only overall summaries will be released. Thanks, Steve Hanna Co-chair, OASIS PKI Technical Committee P.S. If you would like to review our PKI Action Plan, please do so. It is available from http://www.oasis-open.org/committees/pki/pkiactionplan.pdf That document includes URLs for the results from our previous surveys. ------------- Vendor Survey on PKI Support OASIS PKI Technical Committee 1) Does your company currently sell products with PKI support? If so, which products include PKI support and what sort of PKI support do they include? 2) Are you happy with your PKI support or lack thereof? If not, what changes would you like to make? Is there something in particular holding you back from making these changes? If so, what? 3) Which of the items listed below would be most important to your company in deciding whether to add or improve PKI support in your products? Please divide 100 points among these categories in any way you like to indicate which would be most important in making your decision. __ Solid customer demand (projected revenue increase) __ Better PKI-related standards __ Interoperability tests __ PKI support in platforms (Windows, Java, etc.) __ Cross-platform PKI libraries __ Training __ Other (please describe) 4) If the items you marked in the last question were provided, do you expect that your company would decide to add or improve PKI support in your products? __ Yes __ No __ Maybe 5) Do you have any other comments to add, especially about adding PKI support to your company's products? 6) What is your job title?