Information Security News mailing list archives
Fed Official Urges Companies Not To Delay PKI
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Mon, 25 Oct 1999 12:23:44 -0600
From: "Noonan, Michael D" <michael.d.noonan () intel com> http://www.internetwk.com/story/INW19991020S0008 The head of the federal government's public-key infrastructure initiative said the benefits of PKI far outweigh difficulties in implementation, and that now is the time for government agencies as well as enterprises to begin plans for deployment. In his keynote address yesterday at the Electronic Messaging Association's Fall '99 Solutions Summit, Richard Guida, chairman of the federal PKI steering committee, called PKI the best method for meeting the government's high security needs. He outlined the government's plan to deploy PKI in several agencies including the Department of Defense, and to use the technology to let the public securely interact with government over e-mail and the Internet. "Federal agencies have to embrace public key technologies," Guida said. "What are the challenges we face across all applications? It's not rocket science: We have to worry about authenticating users, and it has to be a viable level of assurance. You may also need varying levels of authentication, and you need the ability for nonrepudiation. Public key does that. There's no technology yet that will guarantee nonrepudiation, but public- key infrastructure comes closest to it." Guida said the biggest hurdle in PKI deployment is the synchronization of directories, which he said usually accounts for more than half the budget of PKI projects. He advised companies to rethink the common belief that they must solve directory compatibility problems before undertaking PKI planning. "I take the opposite view," he said. "Solutions to directory problems will be pushed by use of PKI, rather than the other way around. If I waited for directory harmony before I started working on PKI, my kids would be the ones working on it. We'd be missing opportunities that are there now. I think standards are good enough to make a PKI system work in an enterprise today." -- David Drucker ISN is sponsored by Security-Focus.COM
Current thread:
- Fed Official Urges Companies Not To Delay PKI mea culpa (Oct 25)