Information on this web site is preserved for legacy purposes only. The OASIS PKI Member Section transitioned to the OASIS IDtrust Member Section in 2007. OASIS Technical Committees affiliated with the Member Section remain active.
  About PKI Forum PKI Members Join PKI Forum PKI News PKI Events OASIS Members Only  


PKI Resources
 White Papers

Technical Process
 IPR Policy
 TC Process

Technical Committees
 Current TC List

OASIS Network
 CGM Open

OASIS Info Channels
 Cover Pages

OASIS PKI Member Section FAQ

1. What is the OASIS PKI Member Section?

The OASIS PKI Member Section is a group of OASIS members who work together to advance the use of the Public-Key Infrastructure (PKI) as a foundation for secure transactions in e-business applications. It was formed in November 2002 with the migration of PKI Forum to OASIS.

2. Who are its members?

OASIS PKI Member Section members come from industry, including software and hardware vendors and the user community; government; implementers of security and trust systems making use of PKI; the legal and audit community; and individuals who have an interest in the properties and benefits of PKI. Any member of OASIS is welcome to participate in the work of PKI without additional dues or cost.

3. What are the goals of the group?

The OASIS PKI Member Section works to:

  • Accelerate the adoption and use of PKI as a critical enabler of e-business
  • Advocate industry cooperation in a vendor-neutral atmosphere
  • Enhance the value of PKI for customers and business partners
  • Increase confidence in deployment of PKI by customers and independent software vendors (ISVs)

4. What kinds of activities does the OASIS PKI Member Section undertake?

The OASIS PKI Member Section focuses on advancing adoption and deployment of PKI through education and facilitation. The group develops PKI interoperability profiles and champions product interoperability demonstrations to ensure that products are certified against those profiles. It provides an international forum for discussing issues, sharing solutions, and developing white papers and other deliverables that address PKI from several perspectives:

  • business and security needs
  • technical interoperability
  • enabling business applications
  • increasing awareness of available solutions, applications, and successful deployment

The OASIS PKI Member Section coordinates its activities with related OASIS efforts and with external organizations making use of PKI as part of other standards and solutions.

5. How long has the OASIS PKI Member Section been serving the community?

The PKI Forum was founded in 1999 as an alliance of vendors and users dedicated to supporting PKI as a foundation for e-business. It began formal operations in early 2000 and transitioned to become an OASIS Member Section in November 2002.

6. Does the OASIS PKI Member Section encourage open participation?

OASIS believes widespread adoption can only be achieved when all those affected by a standard participate in its creation. The consortium offers a range of membership levels that support an inclusive, international, and balanced member base. Archives of all OASIS PKI Member Section and OASIS PKI Technical Committee documents and emails are publicly accessible, so even non-members are able to monitor and provide feedback on our work.

7. What are the group's operating policies?

The Member Section operates under the OASIS PKI Member Section Rules of Procedure, OASIS Bylaws, IPR Policy, Technical Committee Process and other OASIS Policies.

8. How is the OASIS PKI Member Section governed?

Activities of the Member Section are managed by a Steering Committee that consists of five seats elected by members of the OASIS PKI Member Section. The selection of the Steering Committee is based on individual merit and is not tied to financial contribution, corporate standing, or special appointment.

9. What is PKI?

PKI is a fundamental security technology. PKI can be used for authentication of users, web sites, etc. PKI also provides the basic security required to carry out electronic business so that parties that do not know each other or are widely distributed can communicate securely using a chain of trust.

10. Who is using PKI today?

PKI users cross industry lines and span the globe. They include anyone from the small office/home office client to large corporations, and from complex businesses to specific verticals.

Although not an exhaustive list, here are a few examples of real world PKI solutions:

Singapore, Finland -- PKI for national ID
Australia, Ireland - PKI for secure tax filing
NATO -- PKI to support electronic procurement
Canadian Department of Defense -- PKI for accessing and communicating sensitive information
Canadian Government - PKI for secure government-to-citizen transactions
Wells Fargo Bank, Robobank, Identrus, Visa International, Canadian Payments Association,
Johnson & Johnson -- enterprise PKI to support operating companies, external contractors, partners, and customers
Fannie Mae - PKI for secure loan processing
U.S. Department of Defense, Viacode -- PKI for identification
Phyve, Kaiser Permanente - PKI for secure medical solutions
Microsoft, Sun Microsystems -- PKI for secure code distributio
Amazon, eBay, and many other companies that use a secure web server with an SSL certificate -- PKI for secure electronic commerce

11. Does OASIS maintain or develop the PKI standards?

No. The PKI standards themselves are addressed by IETF and ISO, bodies with whom OASIS maintains active liaison relationships.

12. How does PKI relate to other security standards?

See the OASIS PKI Technical Committee FAQ for more information.



Copyright © OASIS Open 2006. All rights reserved.