Feds Seek PKI Bids
Bill Stewart
stewarts at ix.netcom.com
Mon Aug 11 12:45:07 PDT 1997
At 01:53 PM 8/11/97 -0400, A. Padgett Peterson P.E. Information Security
wrote:
>>USG published a solicitation today in the CBD for a
>>Public Key Infrastructure which outlines the system
>>requirements:
>> http://jya.com/pkicbd.htm
>
>Interesting from what is *not* there - any mention of key recovery/key
>escow. Looks like they may finally understand what a Certificate Authority
>is (not holding breath). Do not think much of appelations (Classic & Gold)
>and suspect they may need more than two but sounds like a good start.
I'm not sure that it's not there; I'd have to read it three or four more times
to be sure, but I got the impression it was hidden in the fine print.
The interesting phrase, in the description of "Classic" Certs, is
"Generation and storage of an asymmetric key pair
can be accomplished via software."
and for "Gold" Certs,
"Generation and storage of asymmetric key pairs must be performed
and protected in hardware."
which sounds like it's implying that the CA will generate the
asymmetric key pairs rather than the user. I'm sure the interesting
details are hidden in the parts that weren't in the CBD announcement,
which is normally just an abstract of a procurement.
# Thanks; Bill
# Bill Stewart, +1-415-442-2215 stewarts at ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
# (If this is a mailing list or news, please Cc: me on replies. Thanks.)
More information about the cypherpunks-legacy
mailing list