OASIS says its PKI Action Plan builds on the results of a series of surveys conducted by the OASIS PKI Technical Committee with IT staff who have deployed or attempted to deploy PKI. The surveys identified five primary obstacles to adoption: poor or missing support in software applications, high costs, poor understanding of PKI among senior managers and end users, interoperability problems, and lack of focus on business needs.
"The OASIS PKI Action Plan directly addresses these obstacles, calling for clear and specific guidelines for using PKI in the most relevant application types--document signing, secure email, and electronic commerce," OASIS notes. "The Plan also defines the need for interoperability testing, improved educational materials, best practices and other measures to reduce cost, and outreach to software application vendors."
"We're issuing an industry-wide Call-to-Action to increase use of a technology that is essential to achieve the level of security needed in today's world," said Steve Hanna of Sun Microsystems, co-chair of the OASIS PKI Technical Committee. "The tactics spelled out in the OASIS PKI Action Plan are not difficult, but they do require the cooperative efforts of the entire community. That's why members of OASIS are calling on all PKI stakeholders--customers, vendors, standards groups, researchers and government--to join us in executing this Plan."
The OASIS PKI Action Plan is a work product of the OASIS PKI Technical Committee, whose members include Booz Allen Hamilton, Computer Associates, Entrust, FundSERV, IBM, KPMG LLP, RSA Security, Sun Microsystems, VISA International, Wells Fargo, and others. By working together to implement the Plan, the group believes that barriers to deployment can be measurably reduced and PKI usage increased.
OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability within and between marketplaces. Founded in 1993, OASIS has more than 2,500 participants representing over 600 organizations and individual members in 100 countries.
Quelle: ebizQ, 23.02.2004