1. CA-CA Interoperability Update Steve Lloyd Entrust Technologies

2. Agenda • Discuss purpose and scope of this work item • Introduce “core” team and call for additional participants • Identify sources of information (projects, documentation, etc.) • Discuss high-level table of contents • Review expected schedule for completion

3. Purpose and Scope • Attempt to address all aspects related to CA-CA interoperability, with an emphasis on cross-certification • Technical • Business • Policy • Legal • Will not include actual interoperability demonstrations

4. Project Participants • Current “core” team • Michael Baum (Verisign) • David Fillingham (US DoD) • Rich Guida (US Govt.) • Martin Lindstrom (Entegrity) • Steve Lloyd (Entrust) • Takuya Tamura (Fujitsu Japan) • Looking for additional representation from • Europe • Private Enterprise

5. Sources of Information • Various government and business projects and documentation, e.g. • Government of Canada Public Key Infrastructure Cross-Certification Methodology and Criteria • US Federal Bridge CA Project • Various Certificate Policy and CPS Related Documentation, e.g. • ANX Certificate Policy • NACHA CARAT Guidelines • RFC 2527 (and successor)

6. Proposed High-Level Outline • Introduction, Purpose and Scope • Discussion of relevant issues • Technical • Business • Policy • Legal • Survey and synopsis of existing methodologies/documentation • Role of documentation (CP, CPS, PDS) • Recommendations

7. Observations/Predictions • Different environments may require different methodologies (e.g., compare Government and Business sector) • We may not achieve universal agreement on all issues, but must do whatever we can to maximize common understanding • Ultimate goal is to promote interoperability

8. Major Milestones • First draft submission - 15 August • Peer review completion - 1 September • Status update and review - 13-14 September • Final submission - 29 September

9. www.PKIForum.org