1 / 10

PKI in Virginia

PKI in Virginia. September 2000. Commonwealth Bridge Project Time Line of Activity. COVITS Meeting - September 1999 Commonwealth of Virginia Information Technology Symposium Established by Secretary of Technology Richard Guida - Federal bridge talk PSA working group of COTS

elisha
Télécharger la présentation

PKI in Virginia

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PKI in Virginia September 2000

  2. Commonwealth Bridge ProjectTime Line of Activity • COVITS Meeting - September 1999 • Commonwealth of Virginia Information Technology Symposium • Established by Secretary of Technology • Richard Guida - Federal bridge talk • PSA working group of COTS • PSA  Privacy, Security, and Access • COTS  Council on Technology Services

  3. Commonwealth Bridge ProjectTime Line of Activity cont. • PSA Presentation at UVa - Oct 1999 • Richard Guida on Federal bridge project • Eye opener for the PSA group • November 1999 PSA Report • Recommended the state establish DSI • Digital Signatures Initiative working group • Requested UVa explore adapting the federal bridge model for use in the commonwealth

  4. Bridge Project Goals • Demonstrate adaptability of Federal approach to the Commonwealth • Simplify Virginia PKI Environment • Interoperability via a bridge • Agencies free to use best solution for their individual environments • Officially a DSI Pilot Project • Demonstrate a working bridge

  5. Goals and Results • Planned demonstration • DIT - VeriSign • VIPNET - Entrust • DGIF - VIPNET - Entrust • Instead used UVa signed Web-form demo application

  6. Technical • Pilot BCA based on • OpenSSL and OpenCA • Linux • Normally left turned off • Certificate profile based on Federal bridge project profile

  7. Virginia On-Line Transaction (VOLT) Certificates • Key DSI workgroup recommendation • Reduce complexity to ensure success • VOLT certificate idea • A set of open vendor neutral PKI standards • A VOLT bridge • VOLT should be default - not mandatory • An agency to issue VOLTs for smaller agencies?

  8. VOLT Certificate Policy and Practices Statements • COTS report – end of September • Expect a follow-on group charged to: • Develop the VOLT idea • Management structure • Draft/default Certification Policy Statement • Draft/default Certification Practices statement • Draft/default Subscriber Agreement • Anticipate starting with a relatively high assurance process • Many state agencies may choose to issue VOLT certificates

  9. A Potential Virginia Organizational Structure Secretary of Technology Audit – CPS VOLT Standards Committee Audit – Bridge MOA Audit VOLT Central Services Subcommittee VOLT Bridge Subcommittee Vendor BCA Operations From 7/30/00 Discussion Draft Paper

  10. Future and what have we learned? • Defer policy early on – focus on vision • Our Audit department’s involvement is critical • Timing is right  e-government is popular • Its ok to get involved at state level - help educate

More Related