Lockstep

Mobile: +61 (0) 414 488 851
Email: swilson@lockstep.com.au

Leveraging external accreditation to achieve PKI cross-recognition

A light touch, standards-based framework for cross-recognition of Certification Authorities that have been externally accredited, thus allowing certificates from one jurisdiction to be used in another. Paper presented to the Attorney Generals Privacy and Security conference, Melbourne, August 2001.

The proposed framework is a response to the current situation where certificate users (both Relying Parties and would-be Subscribers) are increasingly faced with the option of using existing CAs, which typically operate outside the users' immediate community of interest. All things being equal, users wish to avoid the cost and lead time of establishing local CA solutions from scratch, and they therefore require reliable information about the appropriateness of available external PKIs. The framework places the responsibility for that information in the hands of the local community of interest, and allows it to make maximum use of existing accreditation of CAs under external PKI schemes. The proposal preserves the autonomy of local community to set its own business rules and minimum standards.