Information on this web site is preserved for legacy purposes only. The OASIS PKI Member Section transitioned to the OASIS IDtrust Member Section in 2007. OASIS Technical Committees affiliated with the Member Section remain active.
  About PKI Forum PKI Members Join PKI Forum PKI News PKI Events OASIS Members Only  


PKI Resources
 White Papers

Technical Process
 IPR Policy
 TC Process

Technical Committees
 Current TC List

OASIS Network
 CGM Open

OASIS Info Channels
 Cover Pages

PKI Forum News


For further information:
Judith Vanderkay

PKI Forum Publishes New White Papers to Define PKI Policy And Clarify Interoperability Issues

WAKEFIELD, Mass., May 2, 2001 - The PKI Forum, Inc., a multi-vendor and end-user industry consortium created to accelerate the adoption of public-key infrastructure (PKI) technologies, (, today announced the public availability of four new white papers which address the use of PKI to achieve secure IT interoperability between enterprises.

The white papers ("PKI Interoperability Framework," "PKI Policy," "CA-
CA Interoperability," and "U.S. Healthcare"), authored by the PKI Forum-s Business Working Group and Technology Working Group, were developed to identify and resolve barriers to multi-vendor product interoperability and to increase market awareness of the benefits of public-key infrastructure. They were introduced at the RSA Conference 2001 in April and are now available to the public on the PKI Forum Web site at

"Just over a year after the formation of the PKI Forum, our Working Groups are already playing an important role in establishing common definitions for the industry and recommendations for moving forward," said PKI Forum President Lisa Pretty. "These activities provide a solid platform on which our members can continue to work together and come to a consensus on issues of importance to both users and suppliers of PKI-based technologies."

White Paper Content
The Technology Working Group-s "PKI Interoperability Framework" presents a common framework of definitions that can be used when discussing interoperability issues between PKI vendors. The white paper presents three major areas of interoperability: component-level, involving interaction between systems directly supporting and/or consuming PKI-related services; application-level, covering support for multiple applications from different vendors on the same end-system; and inter-domain, which deals with the issues and options associated with achieving interoperability between two enterprises.

"The PKI Policy" white paper from the PKI Forum-s Business Working Group provides general information about PKI policy, the role that policy plays in PKI, and how that policy applies to both traditional and PKI-enabled business environments. It also outlines high-level issues regarding PKI policy including certification practices, required documentation, and a discussion on how a PKI policy can be effectively managed.

The Technology Working Group-s "CA-CA Interoperability" paper discusses the issues associated with establishing interoperability between otherwise isolated PKI domains, and also covers interoperability concerns between certification authorities (CAs) within the same domain or under a common corporate infrastructure. Certificate policies, certification practice statements and PKI disclosure statements are also examined.

The healthcare industry requires secure and trusted electronic communication between many business entities on a regular basis, yet dealing with patient privacy and the protection of health records has become increasingly complex and more critical. "U.S. Healthcare" was produced by the Business Working Group to document the essential need for a secure IT infrastructure in healthcare that would increase efficiency of service without compromising patient privacy. It also identifies the challenges of passing government legislation that will be needed to accomplish the goal of a secure, confidential healthcare infrastructure.

About Public-Key Infrastructure
A Public Key Infrastructure (PKI) is a combination of hardware, software, policies and procedures. It provides the basic security required to carry out electronic business so that users who do not know each other, or are widely distributed, can communicate securely using a chain of trust. End-users of PKI cross industry lines and include anyone from the small office/home office client to large corporations, and from complex businesses to specific verticals.

About the PKI Forum, Inc.
The PKI Forum is an international, not-for-profit alliance comprised of technology and service providers, integrators and end-users whose purpose is to accelerate the adoption and use of PKI and facilitate interoperability through multi-vendor testing of industry standards and educational outreach. The PKI Forum advocates industry cooperation and market awareness to enable organizations to understand and exploit the value of PKI in their e-business applications. Although PKI Forum meetings are intended for members only, organizations interested in becoming members may attend one meeting for a nominal meeting fee. For more information about the PKI Forum, see the PKI Forum Web site at

# # #



Copyright © OASIS Open 2006. All rights reserved.