Lockstep WP03 CA as Security Printer (1.1).pdf Details

Document Details     TC Member Document View
Title "Security Printer" Model for CA Operations
Name * "Security Printer" Model for CA Operations (200K)
Description This white paper describes a new way of conceptualising backend CAs, likening them to the security printers than routinely manufacture cheques, prescription pads, concert tickets etc. The physical security, operational security and accreditation requirements are all very similar. This type of CA would automatically generate certificates on request from authorised RAs.

The model may dramatically reduce CAs' legal liability, because they would be distanced from errors & omissions committed by RAs and by end users. Backend CAs would naturally remain responsible for the quality of their cryptographic processes, operations, personnel and so on.

Just as it is inconceivable that a well run cheque printer would be liable for the consequences of a bank customer writing a bad cheque, CAs in this model would be insulated from many types of potential misadventure in PKI implementations.
Group OASIS Public Key Infrastructure Adoption (PKIA) TC
Folder Presentations
Submitter Mr. Stephen Wilson
Date Submitted Wednesday, 26 September 2007 04:25pm
Document State Draft (A preliminary unapproved sketch, outline, or version.)
Access This document is visible to OASIS Public Key Infrastructure Adoption (PKIA) TC and shared with:
  • OASIS Open (General Membership)
  • General Public