Kein Folientitel

1
TeleTrusT PKI WGInformation and
Activities PKI-Forum, 19-Jun-2001 Fritz
Bauspiess bauspiess_at_secorvo.de
Chair of the TeleTrusT PKI Working Group
Secorvo Security Consulting GmbH Albert-Nestler-St
raße 9 D-76131 Karlsruhe Tel. 49 721
6105-500 Fax 49 721 6105-455 E-Mail
info_at_secorvo.de http//www.secorvo.de
2
Contents

• TeleTrusT and its PKI Working Group
• TTT PKI WG Objectives
• TTT PKI WG Activities
• including SidebarPKI of the Public
  Administration (in Germany)
• Initiate Discussion

3
TeleTrusT Working Groups
TeleTrusT WG1Legal Requirements
TeleTrusT WG6Biometric Identification Systems
TeleTrusT WG2Security Architecture
TeleTrusT WG7Public Key Infrastructures
TeleTrusT WG3Medical Applications
TeleTrusT WG8MailTrusT
TeleTrusT WG4Open E-Commerce Security
TeleTrusT WG5Promotions
4
TeleTrusT WG PKI

• The TeleTrusT PKI Working Group concentrates on
• operational aspects and application of PKI
• conditions for running PKI
• more on infrastructures than on technology
• It acts
• as a forum for exchange and discussion of topics
  / problems / solutions between the participants
• as a working group on PKI topics
• currently mainly in Germany ...
• ... although already with some international
  participants -)

5
TTT-WG PKI - Objectives

• The three main objectives of the PKI WG
• Services provided (externally)
• including integration of PKI into business
  processes and consideration of marketability of
  services and applications
• Organisation and Operation (internally)
• Deployment and operation of PKI, key management
  models, requirements for documents of a PKI
• Cooperation of PKI
• Interoperability between PKI including cross
  certification and consideration of nationally and
  internationally relevant aspects

6
TTT-WG PKI - Activities (1)

• Elements of a Policy
• Components of a policy
• Variations of the components
• Comparing policies
• Attribute Certificates
• Specification of Attribute Certificates as
  addition to ISIS (Industrial Signature
  Interoperability Specification)
• Handling of Attributes in Public Key
  Infrastructures

7
TTT-WG PKI - Activities (2)

• Supporting Real Public Key Infrastructures
• German Bridge-CA
• (see talk of Holger Reif given before)
• (German) PKI of the Public Adminstration

8
PKI of the Public Administration

• Pilot SPHINX
• Secure electronic document exchange within the
  federal administration
• Phase 3 running 01-Dec-1999 to 30-Nov-2000
• Project run by the German Ministry of Internal
  Affairs / German Information Security Agency
  (GISA/BSI)
• Consulting CCI, GMD, Secorvo, SBS
• Vendorssuccesfully tested Secartis
  (GieseckeDevrient), Lotus Development, Secude,
  Siemens/SSE, Utimacoin test ATM, CoCoNet, cv
  cryptovision, IT-Secure, Microsoft
• Certificate Service Providers Telesec (Deutsche
  Telekom),TC TrustCenter
• Closing with several hundred active users

9
PKI of the Public Administration

• Pilot SPHINX
• Base documents
• PKI Organisational Handbook including
• End User Handbook
• Operating Handbook for Registration Authorities
• Operating Handbook for Certification Authorities
• Naming Concept
• Functional Requirements to Security Products
• Clients
• Registration and Certification Authorities
• Security Concept for PKI
• Directory Concept
• Technical Base and Implementation Plan

10
PKI of the Public Administration

• Installation of the
• (Federal PCA December 2000)
• PCA of the public administration February 2001
• Installed and operated by the German Information
  Security Agency (GISA/BSI)
• Installation by Secorvo, Baltimore, UNISYS
• Documents
• Using the existing SPHINX documents
• Policy of the PCA
• Guideline for Call for Proposals for Certificate
  Service Providers
• ... and growing!

11
PKI of the Public Administration

• Relation to other activities in Germany
• PKI according to German signature legislation
• Both PKI complement each other
• PKI according to signature legislation kind of
  top-down
• PKI for Public Administration kind of bottom-up
• Both are aware of and approach each other
• German Bridge-CA
• PCA of the Public Administration will join the
  Bridge-CA

12
TTT-WG PKI - Activities (3)

• Flyer on PKI
• Introduction into PKI as a base document for
• introducing the PKI working group
• supporting material of participating members
• will be bilingual (German / English)
• Presentation of the WG at exhibitions
• Website (currently mainly internal)

13
TTT-WG PKI - Activities (4)

• Overview on Existing PKI
• Overview on infrastructures - not on components
• Legal Aspects of PKI
• Joint activity with TeleTrusT WG Legal Aspects

14
Initiate Discussion

• The TeleTrusT PKI Working Group concentrates on
• operational aspects and application of PKI
• conditions for running PKI
• more on infrastructures than on technology
• Its main objectives are
• Services provided (externally)
• Organisation and Operation (internally)
• Cooperation of Different PKI
• What can we gain from each other?

15
Secorvo Security Consulting GmbH Albert-Nestler-St
raße 9 D-76131 Karlsruhe Tel. 49 721
6105-500 Fax 49 721 6105-455 E-Mail
info_at_secorvo.de http//www.secorvo.de