TeleTrusT:
Download
1 / 11

TeleTrusT: Take-off for PKI Applications? - PowerPoint PPT Presentation


  • 74 Views
  • Uploaded on

TeleTrusT: Take-off for PKI Applications?. Helmut Reimer TeleTrusT Deutschland e. V. E-Mail: [email protected] EESSI-Meeting, Rome, 7. April 2003. TeleTrusT - General. Promoting the trustworthiness of information and communication technology founded in 1989 in Germany

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'TeleTrusT: Take-off for PKI Applications?' - page


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

TeleTrusT: Take-off for PKI Applications?

Helmut Reimer

TeleTrusT Deutschland e. V.

E-Mail: [email protected]

EESSI-Meeting, Rome, 7. April 2003


Teletrust general
TeleTrusT - General

  • Promoting the trustworthiness of information and communication technology

  • founded in 1989 in Germany

  • Focus on Applied Cryptography & Biometrics

  • 100 members: major user sectors, research organisations, developers and manufacturers of security products, government agencies, and test institutes.

  • non-profit, political independent


More than 10 years experience
More than 10 Years Experience

View on implementation of PKI-Solutions:

  • The standards (and EESSI outcomes) gives orientations, but no concepts for interoperability.

  • The Implementations follows often the (different) legal requirements more than practical considerations.

    but

  • For a long time we will have paper & electronic documents in parallel.

  • Therefore we have to accompany the transformation and not to expect the jump.

  • The ‚take-off‘ of signatures in PKI-applications needs the business case, also for CSPs.


Interoperability different aspects
Interoperability: Different aspects

  • From the view of a relying party: Has to accept qualified certificates issued from different providers.

  • From the view of a signing party: The interpretation of the signature should be possible with standard tools.

  • From the view of a business process: Certificates of different PKI-applications should be interoperable.


Transformation some remarks
Transformation - some remarks

  • The gap is to wide between the high-end, one-purpose signature vision and real-used PKI applications.

  • The benefit from signature applications in open environments is uncertain up to now.

  • Applications in closed user groups and also in enterprise & governmental PKI‘s can help to find out the ‚best practices‘.

  • Trust establishing needs a step-by-step turn over strategy.


Teletrust proposals
TeleTrusT Proposals

  • ISIS-MTT: Profiled PKI standards

  • Bridge CA: Trust establishment between PKI islands


Profiling pki standards
Profiling PKI-Standards

  • Synthesis of already available specifications towards a unified and open standard.

  • This standard should take into account the current technical and legal requirements and should receive active support by the market players.

  • Development of a test specification and a test bench, which allows the applications developers to prove their ISIS-MTT-interoperability

  • Investment protection for users because of exchange-ability of single components.


Put PKI benefits together!

Authenictaion of users and servers

confidential communication(TLS/SSL)

file encryption

encrypted Email(S/MIME)

data authenticity and -integrity (digital signature)

time stamping

VPN

Single Sign On

additional PKI services

European Bridge-CA

„E-Business“

ISIS-MTT „the foundation“Common ISIS-MTT Specification for Interoperability and Test Systems


ISIS-MTT: The Structur

ISIS-MTT Spec

  • Certificate Profile

  • Attribut Certificate

  • CRL´s + OCSP

  • PKI-Management

  • Path Validation

  • Algorithms

  • PKCS#11

  • TSP

Advanced Certificates

Qualified Certificates (EC-Directive)

C o r e P r o f i l e

Qual. Certificates (German Accreditation)

  • QC - Statement

  • OCSP - positive Statement

SigG-Profile

  • Extensions


Secure Access

Secure applicationproviding

Digitally signed orders

Secure e-mail

Secure exchangeof sensible data

Order and supply of products and services

CA

CA

CA

CA

Digital Signatures

Employee

Employee

Employee

Employee

Client

Client

Client

Client

Partner

Partner

Partner

Partner

Single Sign-On

The Bridge CA connects PKI islands


We invite the eessi experts to improve and to use our experiences
We invite the EESSI-Experts to improve and to use our experiences

  • TeleTrusT: www.teletrust.deMr. Prof. Helmut Reimer, TeleTrusT e.V. Managing Director; [email protected]

  • ISIS-MTTProject management and public relations:Mr. Fiedler, Nimbus Network; [email protected]

  • Bridge-CAProject management and public relations:Mr. Steiert, TeleTrusT e. V.; [email protected]

  • www.bridge-ca.orgwww.isis-mtt.org


ad