OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pki-issues message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Another comment on the PKI Action Plan

Here is a comment on the PKI Action Plan that
I received this morning. Let's discuss it at
tomorrow's PKI TC Issues SC meeting.

Thanks,

Steve

-----

Response to OASIS PKI Action Plan 
Office of the e-Envoy, Trust Programme

Date: December 2003 

Background to use of PKI in the UK public sector

The UK government has a target to deliver online services to citizens with high levels of take up by 2005. The services
being offered require various levels of security and authentication; for those services that require strong
authentication, the Office of the e-Envoy is investigating possible applications for PKI alongside alternative
methodologies and solutions.

The current problems faced by government departments include how to make online services easy to use (authentication is
often perceived as a barrier to entry) and how to operate strong authentication in open communities (usually PKI works
best in closed communities). On the other side, this represents an excellent opportunity to provide practical advice to
implementers of PKI-enabled applications.

The Office of the e-Envoy intends to support the work of the OASIS PKI Technical Committee in resolving the issue of PKI
adoption.

Next steps

The potential for take up of PKI is good; however, business needs and ease of use must be the key priorities.
In the UK, complementary solutions to PKI like ID-PKC are being developed and trialled for government services.

Leveraging from existing operating systems like Windows 2000 could also be investigated.

The Office of the e-Envoy is working towards developing guidance and policy on authentication, including PKI.

CSIA, the Central Sponsor for Information Assurance, an independent security body which works with the Office of the
e-Envoy and reports to the current e-Envoy Andrew Pinder, issued a security framework including PKI in 2002. The security
framework can be accessed at:

http://www.cabinet-office.gov.uk/csia/documents/index.stm

S/MIME Cryptographic Signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]