Certificates, Infrastructure and Higher Ed

There is considerable interest is the use of the X.509 certificates to address a number of networked computing needs in higher education. The technology itself is a powerful and elegant tool, but there are currently several major challenges to the successful use of certificates in a broad manner. This paper explores some of those issues and helps build an agenda for the work that needs to be done to realize the potential.

The software , protocols and legal agreements that are necessary to effectively use certificates combine to form a Public Key Infrastructure (PKI). There are many components within a PKI:

Among the potential uses for certificates is:

Individual authentication

Encryption of email

Digital signatures

Access controls

Each of these uses can place different requirements on the PKI components. For example, private keys for encryption may be escrowed while private keys for signatures may not be.

Consult this web site for ongoing developments in campus and higher ed PKI.



The Federal efforts can be viewed at http://gits-sec.treas.gov

Presentation at the Educause/NSF PKI Workshop in Snowmass on 8/12/99