Re: PKIs and trust

On Tue, Dec 16, 2003 at 06:17:26AM +0900, Masataka Ohta wrote:
> Neal McBurnett wrote:
> > The term "PKI" is surely hyped and overloaded with meaning.
> 
> Can you clarify *YOUR* definition of PKI?

At our PKI workshops there have always been people from a wide variety
of perspectives.  PKI is a buzzword which we use in lieu of something
more widely accepted as pertaining to the full range of public key
technologies, infrastructures, tools, objects, policies, policy
languages, etc. used for security decisions.

> > But as
> > many people are pointing out, the use of public key technology
> > supported by tools and infrastructures attuned to the needs of
> > user communities has its place, both now and in the future.
> 
> "tools AND infrastructures"?
> 
> I have been having a feeling that people who claim to be working
> on PKI call tools to support public key technology PKI. But, you,
> apparently, are not.

If someone tried to sell me tools and seriously claimed it was a
"PKI", I'd know they didn't understand what an infrastructure is.
But arguing about terminology rapidly leads to a black hole.
As has been seen recently in the case of DNS, the potential for
confusion often pops up when tools and infrastructure and policy
are mixed together in what we call middleware (to introduce another
buzzword - sigh).

To bring this closer to specifics and thus the engineering realm, one
area currently bearing fruit is federations: communities who can agree
on policies, data formats, tools, and definitions of other key issues
(heh - sic :-).

See FOO - Federating Organizations Organization
 http://middleware.internet2.edu/foo/

Federations (like InCommon) need tools (like shibboleth):
 http://incommon.internet2.edu/
 http://shibboleth.internet2.edu/

The public key aspects are mostly below the surface.

This is all related to the Middleware Architecture Committee for
Education (MACE) work in directories, object classes, policy
languages, etc.

Neal McBurnett                 http://bcn.boulder.co.us/~neal/
Signed and/or sealed mail encouraged.  GPG/PGP Keyid: 2C9EBA60

