1 / 14

PKI -An Industry Perspective

PKI -An Industry Perspective. Lisa Pretty Executive Director. PKI Forum.

tanner
Download Presentation

PKI -An Industry Perspective

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PKI -An Industry Perspective Lisa Pretty Executive Director

  2. PKI Forum “The PKI Forum is an international, not-for-profit, multi-vendor and end-user alliance whose purpose is to accelerate the adoption and use of Public-Key Infrastructure (PKI). The PKI Forum advocates industry cooperation and market awareness to enable organizations to understand and exploit the value of PKI in their e-business applications.”

  3. PKI is the Future! • Predictions for the overall market are huge. • Both IDC and Frost & Sullivan put PKI as one of the fastest growing markets in the Internet security space in coming years. • According to Aberdeen Group, 98% of the Global 2000 enterprises will be using PKI before 2003.

  4. PKI Market Forecast, 1997-2003by Revenue Category Source: Datamonitor, “Public-Key Infrastructure 1999-2003”, December 1999

  5. What will it take? • Top Inhibitors of PKI deployment • Lack of Multi-vendor Interoperability • Minimal understanding of PKI • Complexity of Installation & Deployment

  6. PKI Interoperability • Three different aspects to PKI interoperability • Component interoperability • Enterprise interoperability • Application interoperability

  7. RA CA Repository Client PKI Component Interoperability • Ability to mix and match COTS PKI products • Depends upon specification-based messages exchanged between components to support: • Certificate requests • Certificate renewal • Certificate revocation

  8. RA RA CA CA Enterprise A PKI Repository A Client Client Repository B Enterprise B PKI Enterprise Interoperability • The ability to connect two enterprise PKIs into a larger functional PKI • More than just cross-certification • Clients must be able to find and validate meaningful certification paths

  9. RA RA CA CA Enterprise A PKI Repository A Client Client Repository B Enterprise B PKI Application Interoperability • The ability of PKI-aware applications to: • Share PKI certificates, key-pairs, and processing modules • Rely on different PKI environments to implement security services

  10. Projects Underway • Technical Working Group • CA-CA Interoperability • Application Certificate Interoperability • CMP Interoperability • Token Portability & Interoperability • White Paper - Interoperability • White Paper - Critical Path Construction • White Paper - LDAP

  11. Business Working Group • Education & Marketing • Applications • Best Practices • Policy & Privacy

  12. Policy/Legislative Principles 1. Promote “product neutral” not “technology neutral” rules. 2. Discourage rules that implicate an inherent equivalency of signature technologies. 3. Advance validity and enforceability of PKI system rules, user agreements,certificates, and digital signatures. 4. Advance government recognition and use of private sector-based PKI guidelines and standards.

  13. Principles (con’d) 5. Promote basic/minimum PKI "default rules“ 6. Advance both authentication and privacy benefits of PKI. 7. Eliminate restrictions on import/export of crypto. 8. Address and harmonize consumer use / rights / obligations.

  14. www.PKIForum.org Info@pkiforum.org +1.650.560.9931

More Related