1 / 11

TeleTrusT: Take-off for PKI Applications? - PowerPoint PPT Presentation

  • Uploaded on

TeleTrusT: Take-off for PKI Applications?. Helmut Reimer TeleTrusT Deutschland e. V. E-Mail: [email protected] EESSI-Meeting, Rome, 7. April 2003. TeleTrusT - General. Promoting the trustworthiness of information and communication technology founded in 1989 in Germany

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'TeleTrusT: Take-off for PKI Applications?' - page

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

TeleTrusT: Take-off for PKI Applications?

Helmut Reimer

TeleTrusT Deutschland e. V.

E-Mail: [email protected]

EESSI-Meeting, Rome, 7. April 2003

Teletrust general
TeleTrusT - General

  • Promoting the trustworthiness of information and communication technology

  • founded in 1989 in Germany

  • Focus on Applied Cryptography & Biometrics

  • 100 members: major user sectors, research organisations, developers and manufacturers of security products, government agencies, and test institutes.

  • non-profit, political independent

More than 10 years experience
More than 10 Years Experience

View on implementation of PKI-Solutions:

  • The standards (and EESSI outcomes) gives orientations, but no concepts for interoperability.

  • The Implementations follows often the (different) legal requirements more than practical considerations.


  • For a long time we will have paper & electronic documents in parallel.

  • Therefore we have to accompany the transformation and not to expect the jump.

  • The ‚take-off‘ of signatures in PKI-applications needs the business case, also for CSPs.

Interoperability different aspects
Interoperability: Different aspects

  • From the view of a relying party: Has to accept qualified certificates issued from different providers.

  • From the view of a signing party: The interpretation of the signature should be possible with standard tools.

  • From the view of a business process: Certificates of different PKI-applications should be interoperable.

Transformation some remarks
Transformation - some remarks

  • The gap is to wide between the high-end, one-purpose signature vision and real-used PKI applications.

  • The benefit from signature applications in open environments is uncertain up to now.

  • Applications in closed user groups and also in enterprise & governmental PKI‘s can help to find out the ‚best practices‘.

  • Trust establishing needs a step-by-step turn over strategy.

Teletrust proposals
TeleTrusT Proposals

  • ISIS-MTT: Profiled PKI standards

  • Bridge CA: Trust establishment between PKI islands

Profiling pki standards
Profiling PKI-Standards

  • Synthesis of already available specifications towards a unified and open standard.

  • This standard should take into account the current technical and legal requirements and should receive active support by the market players.

  • Development of a test specification and a test bench, which allows the applications developers to prove their ISIS-MTT-interoperability

  • Investment protection for users because of exchange-ability of single components.

Put PKI benefits together!

Authenictaion of users and servers

confidential communication(TLS/SSL)

file encryption

encrypted Email(S/MIME)

data authenticity and -integrity (digital signature)

time stamping


Single Sign On

additional PKI services

European Bridge-CA


ISIS-MTT „the foundation“Common ISIS-MTT Specification for Interoperability and Test Systems

ISIS-MTT: The Structur


  • Certificate Profile

  • Attribut Certificate

  • CRL´s + OCSP

  • PKI-Management

  • Path Validation

  • Algorithms

  • PKCS#11

  • TSP

Advanced Certificates

Qualified Certificates (EC-Directive)

C o r e P r o f i l e

Qual. Certificates (German Accreditation)

  • QC - Statement

  • OCSP - positive Statement


  • Extensions

Secure Access

Secure applicationproviding

Digitally signed orders

Secure e-mail

Secure exchangeof sensible data

Order and supply of products and services





Digital Signatures













Single Sign-On

The Bridge CA connects PKI islands

We invite the eessi experts to improve and to use our experiences
We invite the EESSI-Experts to improve and to use our experiences

  • TeleTrusT: www.teletrust.deMr. Prof. Helmut Reimer, TeleTrusT e.V. Managing Director; [email protected]

  • ISIS-MTTProject management and public relations:Mr. Fiedler, Nimbus Network; [email protected]

  • Bridge-CAProject management and public relations:Mr. Steiert, TeleTrusT e. V.; [email protected]