At 01:53 PM 8/11/97 -0400, A. Padgett Peterson P.E. Information Security wrote:
USG published a solicitation today in the CBD for a Public Key Infrastructure which outlines the system requirements: http://jya.com/pkicbd.htm
Interesting from what is *not* there - any mention of key recovery/key escow. Looks like they may finally understand what a Certificate Authority is (not holding breath). Do not think much of appelations (Classic & Gold) and suspect they may need more than two but sounds like a good start.
I'm not sure that it's not there; I'd have to read it three or four more times to be sure, but I got the impression it was hidden in the fine print. The interesting phrase, in the description of "Classic" Certs, is "Generation and storage of an asymmetric key pair can be accomplished via software." and for "Gold" Certs, "Generation and storage of asymmetric key pairs must be performed and protected in hardware." which sounds like it's implying that the CA will generate the asymmetric key pairs rather than the user. I'm sure the interesting details are hidden in the parts that weren't in the CBD announcement, which is normally just an abstract of a procurement. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)