Tim Polk, NIST PKI Program Manager March 2000

Slides:



Advertisements
Similar presentations
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Advertisements

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
PKI -An Industry Perspective Lisa Pretty Executive Director.
Lecture 23 Internet Authentication Applications
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
Public Key Infrastructure Ben Sangster February 23, 2006.
Tim Polk, NIST PKI Overview Tim Polk, NIST
Uncle Sam, Meet The PKI! Richard Guida Chair, Federal PKI Steering Committee Michèle Rubenstein Department of the Treasury,
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
PKI Technology & Interoperability Lisa Pretty Executive Director.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Understanding and Leveraging MU2 Optional Transports Paul M. Tuten, PhD Senior Consultant, ONC Leader, Implementation Geographies Workgroup, Direct Project.
IDA Security Experts Workshop Olivier LIBON Vice President – GlobalSign November 2000.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.
Presented at: Demonstrations and Prototypes TIM 7 Presented by: Dominic Timoteo / Shoeb Jafri SWIM Implementation Team May 04, 2011 Federal Aviation Administration.
Java Security Pingping Ma Nov 2 nd, Overview Platform Security Cryptography Authentication and Access Control Public Key Infrastructure (PKI)
Configuring Directory Certificate Services Lesson 13.
Communications-Electronics Security Group. PKI interoperability issues for UK Government Richard Lampard
Digital Signatures A Brief Overview by Tim Sigmon April, 2001.
Module 9: Fundamentals of Securing Network Communication.
Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.
Connect. Communicate. Collaborate Federation Interoperability Made Possible By Design: eduGAIN Diego R. Lopez (RedIRIS)
A Brief Overview of draft-ietf-sidr-cp-01.txt draft-ietf-sidr-cps-rirs-01.txt draft-ietf-sidr-cps-isp-00.txt Steve Kent BBN Technologies.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
By Umair Ali. Dec 2004Version 1 -PKI - a security architecture – over the internet. -Provides an increased level of confidence for exchanging information.
Leveraging Campus Authentication for Grid Scalability Jim Jokl Marty Humphrey University of Virginia Internet2 Meeting April 2004.
The FBCA Architecture: Lessons Learned Tim Polk, NIST March 9, 2001.
Mariann Yeager, NHIN Policy and Governance Lead (Contractor) Office of the National Coordinator for Health IT David Riley, CONNECT Lead (Contractor) Federal.
1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.
Naming in Content-Oriented Architectures 1. select produce Data publishing RWINameKey Data own certify 2.
The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.
E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.
TAG Presentation 18th May 2004 Paul Butler
eHealth Standards and Profiles in Action for Europe and Beyond
Chapter 5 Network Security Protocols in Practice Part I
Trust and Identification
ITIL® v3 Qualification & Certification scheme
Trust Anchor Management Problem Statement
Achieving Justice Information Interoperability
SECURING NETWORK TRAFFIC WITH IPSEC
TAG Presentation 18th May 2004 Paul Butler
NIST Path Validation Protection Profiles
Organized by governmental sector (National Institute of information )
SWIM Common PKI and policies & procedures for establishing a Trust Framework                           Kick-off meeting Patrick MANA Project lead 29 November.
Public Key Infrastructure (PKI)
S/MIME T ANANDHAN.
CS691 M2009 Semester Project PHILIP HUYNH
APNIC Trial of Certification of IP Addresses and ASes
CompTIA Security+ Study Guide (SY0-401)
U.S. Federal e-Authentication Initiative
CompTIA Security+ Study Guide (SY0-501)
CS691 M2009 Semester Project PHILIP HUYNH
Security in ebXML Messaging
زير ساخت كليد عمومي و گواهي هويت
NAAS 2.0 Features and Enhancements
Goals Introduce the Windows Server 2003 family of operating systems
EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Public Key Infrastructure from the Most Trusted Name in e-Security
Technical Approach Chris Louden Enspier
Cryptology/Cryptography
HIMSS National Conference New Orleans Convention Center
Public Key Infrastructure
Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006
NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006.
Install AD Certificate Services
September 2002 CSG Meeting Jim Jokl
RSA Digital Certificate Solutions RSA Solutions for PKI David Mateju RSA Sales Consultant
Presentation transcript:

Tim Polk, NIST PKI Program Manager wpolk@nist.gov March 2000 Component, Enterprise, Or Application? Choices In Interoperability Testing Tim Polk, NIST PKI Program Manager wpolk@nist.gov March 2000 October 28, 2019

PKI Interoperability Three different aspects to PKI interoperability Component interoperability Enterprise interoperability Application interoperability October 28, 2019

PKI Component Interoperability Ability to mix and match COTS PKI products Depends upon specification-based messages exchanged between components to support: Certificate requests Certificate renewal Certificate revocation CA RA Client Repository October 28, 2019

Factors For Component Interoperability Algorithm suite Certificate management protocols Certificate issuance Certificate revocation Transport mechanisms October 28, 2019

Enterprise Interoperability Enterprise A PKI CA RA Client Repository A Enterprise B PKI Repository B The ability to connect two enterprise PKIs into a larger functional PKI More than just cross-certification Clients must be able to find and validate meaningful certification paths October 28, 2019

Factors for Enterprise Interoperability Algorithm suite Certificate format and extension set Certificate policies Certificate status information formats Path building and validation across PKIs October 28, 2019

Application Interoperability Enterprise A PKI CA RA Client Repository A Enterprise B PKI Repository B The ability of PKI-aware applications to: Share PKI certificates, key-pairs, and processing modules Rely on different PKI environments to implement security services October 28, 2019

Factors for Application Interoperability Ability to share cryptographic modules OR export/import cryptographic materials Cryptographic application programming interfaces (APIs) Access to path validation and path building utilities Consistency of processing Feature sets October 28, 2019

Does Anyone Care? Yes, to different degrees Application interoperability is the real goal In fact, it’s an expectation, especially for electronic mail Enterprise interoperability is the prerequisite for application interoperability Component interoperability will reduce cost and increase choices - some day October 28, 2019

What NIST Is Doing Promote Interoperability Certificate Formats and Profiles Certificate Management Protocols MISPC V2 (soon!) and interoperability workshops Encouraging multi-algorithm solutions through expanded FIPS, MISPC Pursuing Bridge CA Concept Profiles for PKI-Enabled Application Interoperability Testing October 28, 2019

NIST And Interoperability Testing CMP interoperability workshops Bridge CA demonstration and testing (ongoing) Path Validation Test Suite (end of FY00) S/MIME v3 interoperability testing (FY01) October 28, 2019

S/MIME Interoperability Testing Remote testing against the Van Dyke reference implementation May use NIST issued certificates to eleiminate enterprise interoperability issues OR May use locally issued certificates if your PKI is cross certified with the Federal Bridge CA May be followed by tests for additional applications October 28, 2019

For More Information Tim Polk (301) 975-3348 wpolk@nist.gov October 28, 2019

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.