Unlike a local programme of security activity here, PEM UAs are, or
ought to be, at an advanced stage of pre-deployment; I would urge the
20 or so developing sites to now begin to perform open beta and user
piloting of the services.
We (TIS) heartily agree. We are currently testing our implementation
at several sites. We have had one or two interactions with other
implementations, and we would be delighted to have additional
interactions.
Everyone seems to be waiting for everyone else to act, or the DARPA
lead project to pronounce. This is not the American R&D groups I know
from their stirling ISODE participation. Take a leaf out of the ISODE
organization handbook; have the design and beta-bug rows in private,
but let the actual support process of user trials be public.
Actually, there isn't any deadlock. The grand plan is for the
Internet Society to operate the top of a certificate hierarchy, but
that's not impeding progress. Our implementation is set up to support
cross-certification. In general, cross-certification is viewed as
temporary step for those groups that are not part of the Internet
hierarchy, but it could last indefinitely long.
From our point of view, the only thing holding up wide deployment is
immaturity of our software. Sigh.
PEM makes some large designs assumptions in relation to the management
of personal security credentials and their revocation. It advocates
specific policies which many do not believe will scale or offer global
connectivity at the required level of service. Others believe that
once you communicate with parties beyond a high-assurance CA, you can
have no confidence of anything as domains neither monitor nor enforce
inter-domain minimum operational assurance requirements.
But rather than stalling the whole process with such analyses, can we
not just try it out?
This is where we are now. All analyses are on hold; the rush now is
to get this into service.
If PEM fails to match the its competition in the open market, then
it has to die like lots of IETF RFCs before it. Its quite a normal
event.
Yes, this is a serious and credible threat.
If Users love PEM in practice despite its (alleged) faults,
then it will have made a solid step forward, and we can all work on
the sequel: PEM-II.
Right.
Who will take the first step, and give this volunteer site (UCL-CS)
a PEM-UA to play with? To solve any export problems, we will handle
all the CA and key parts for initial piloting purposes.
Ah, there's the rub. The export rules don't work that way. It's not
just a matter of deleting the DES code and shipping you the rest; the
rules are stricter than that.
Not much we can do for you right at this moment. but if you do obtain
an implementation, we'll be eager to interoperate with you.
(Engage me in a private discussion if you want to probe this further.)
Steve