Sunday, 22 June 2008

Is there a future in PKI?

PKI is something which often strikes fear into the hearts of IT managers and administrators. It can be complex, fiddly to administer, and slightly ethereal at times. The expense of a PKI is often difficult to justify over a large enterprise, especially when it can't be guaranteed that identities will be trusted outside their own domain.

Speaking to a friend this weekend, he told me to take a look at Certipath - an interesting company with a great pedigree. From their website:

In late 2003, ARINC, Exostar, and SITA began discussions on how to jointly operate a PKI Bridge to meet the needs of suppliers to the U.S. DoD and UK MoD. Both the Air Transport Association (ATA) and Transglobal Secure Collaboration Program (TSCP) had simultaneously been working on specifications that called for such a trust broker. The need of the A&D industry to interoperate with the U.S. DoD was the initial requirement, with a secondary need of being able to exchange PKI-enabled data with other suppliers in a trusted manner. The global aspects of addressing the European Union, Canada and AsiaPac/Australia drove the need to have a consortium of companies with competencies in security and communications.

CertiPath LLC was formed to provide this service in June 2005, and went ‘live’ in May 2006. The service is now operational with Boeing, Lockheed Martin, BAE Systems, Raytheon, Northrop Grumman, EADS, and the U.S. governments’ Federal Bridge Certificate Authority (FBCA). For more information please visit

Now, if this had been set up commercially, I wouldn't expect it to succeed, but the fact that this already services most of the important defence companies in the world, I think that people are going to want to pick up on it. I would certainly expect the UK and US governments to pick up on it more than just in their defence departments, and extend it to the rest of their concerns.

What I particularly like about this is the way that it links into data security with federated identity. Soon, all of the junior ministers (because it's always junior ministers) will be able to leave their laptops on trains, in taxis and in the local park with complete impunity.

No comments: