Lockstep

[Skip Navigation]
  • Home
  • About Us
  • News
  • Services
  • Partners
  • Library
  • Contact Us
  • New Inventors pod cast
  • Stepwise on ABC TV The New Inventors - 19 Nov
  • Lockstep judged a Top Five Security Firm in Asia
  • Tech reflections on privacy
  • e-Voting presentation at AusCERT 2008
  • Privacy & Security presentation
  • Plurality of Identities
  • "Public Key Superstructure"
  • Stepwise pitch: Safety in Numbers
  • New e-voting paper
  • Lockstep a Cool Company!
  • Interview: Privacy & Technology
  • Smartcards Summit keynote presentation
  • Australian Smartcard Summit
  • New and revised Babysteps
  • National innovation award
  • Senate Committee appearance
  • "Safety in Numbers"
  • New senior consultant - health sector
  • Lockstep presenting at AusCERT 2007
  • IT competition shortlist
  • Radio National Interview
  • "Public Key Superstructure"
  • Access Card Submission
  • Lockstep speaking at Safeguarding Australia
  • Embedded PKI in China
  • Authentication shakeout
  • Lockstep at Security Summit
  • Smartcards and Medicare
  • Interoperability & PKI myths
  • Asia Pac Risk Mgt, Singapore
  • OASIS PKI Survey
  • New "Babysteps" paper
  • New series: "Babysteps"
  • Smartcard Id Mgt Seminar
  • New paper published in China
  • Interview: "The eyes have it"
  • Relationship Certs in China
  • The 3rd OASIS International PKI Survey
  • World's smallest reader
  • Two new PKI whitepapers
  • IIA Two Factor Authentication Pilot
  • New ROI paper
  • Authentication workshop
  • Lockstep developed new PKI Resources Page
  • Other news

Relationship Certs in China

[5 Nov 2005] Stephen presented to the 5th International PKI Symposium in Beijing.

The invited presentation, "Relationship Certificates for Known Customers - a new PKI paradigm" was received enthusiastically. Mine was the only presentation all day to attract a question from the audience, when the Chair of the Chinese Taipei PKI Forum, Han-Min Hsia, took to the stage in response.

Dr Hsia said he worries that the PKI industry is too conservative. In contrast, the IT industry is characterised by its speed of progress. Therefore Dr Hsia appreciated the "innovative ideas from Australia" on how to build better PKIs, and asked for suggestions as to how PKI could make better use of innovation in general in the IT industry.

Of course I agreed that PKI has been too conservative. I suggested that while we do need a radical rethink of how certificates are issued and used, we can preserve the valuable investment made by CAs around the world. Most CAs should probably change their business model to wholesale certificate manufacture over a large number of trusted organisations, professional associations, e-commerce schemes and so on. I went on to suggest that other potential areas for innovation in PKI include adopting accreditation frameworks from other sectors.

An annotated copy of my presentation is available at conference presentations. See also the new Relationship Certificates and Security Printer whitepapers at PKI library.

Throughout the APKIF Working Group meetings this past week, views seemed to be converging on variations of the Relationship Certificates concept. The Japan PKI Forum described a move towards trusted organisations rather than generic certification service providers, and the Korea PKI Forum discussed the use of (multiple) X.509 certificates for the efficient management of long term attributes. Details will follow shortly in my trip report to be posted at Asia PKI Forum.

© 2009 Lockstep Consulting ABN 59 593 754 482
11 Minnesota Avenue Five Dock NSW 2046
Mobile: +61 (0) 414 488 851 Email Us
Terms and Conditions