Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

Fed Official Urges Companies Not To Delay PKI
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Mon, 25 Oct 1999 12:23:44 -0600
From: "Noonan, Michael D" <michael.d.noonan () intel com>

http://www.internetwk.com/story/INW19991020S0008

The head of the federal government's public-key infrastructure initiative
said the benefits of PKI far outweigh difficulties in implementation, and
that now is the time for government agencies as well as enterprises to
begin plans for deployment.

In his keynote address yesterday at the Electronic Messaging Association's
Fall '99 Solutions Summit, Richard Guida, chairman of the federal PKI
steering committee, called PKI the best method for meeting the
government's high security needs. He outlined the government's plan to
deploy PKI in several agencies including the Department of Defense, and to
use the technology to let the public securely interact with government
over e-mail and the Internet.

"Federal agencies have to embrace public key technologies,"  Guida said.
"What are the challenges we face across all applications? It's not rocket
science: We have to worry about authenticating users, and it has to be a
viable level of assurance. You may also need varying levels of
authentication, and you need the ability for nonrepudiation. Public key
does that. There's no technology yet that will guarantee nonrepudiation,
but public- key infrastructure comes closest to it."

Guida said the biggest hurdle in PKI deployment is the synchronization of
directories, which he said usually accounts for more than half the budget
of PKI projects. He advised companies to rethink the common belief that
they must solve directory compatibility problems before undertaking PKI
planning.

"I take the opposite view," he said. "Solutions to directory problems will
be pushed by use of PKI, rather than the other way around. If I waited for
directory harmony before I started working on PKI, my kids would be the
ones working on it. We'd be missing opportunities that are there now. I
think standards are good enough to make a PKI system work in an enterprise
today." -- David Drucker

ISN is sponsored by Security-Focus.COM

  By Date           By Thread  

Current thread:
  • Fed Official Urges Companies Not To Delay PKI mea culpa (Oct 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]