Approach to Digital Signature Systems Deployment
draft-digital-signature-system-deployment-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | John Marchioni , Yair Itzhaki | ||
Last updated | 2008-09-30 | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Conventional deployments store keys on PC hard disks, application- server hard disks, or in tokens, and also introduce complications for user enrollment and management. User and administrator frustration with the conventional approach has cramped development of a market for PKI. As a result, PKI has not reached its utilization potential and is far from becoming ubiquitous. This document describes architecture for deployment of secure and efficient digital signature capabilities based on a centralized key- management approach and emphasizes the importance of not disrupting existing identity and authentication management and application infrastructure. An alternative architecture is documented here so that PKI deployments will lower their associated administrative burdens and deliver improved scalability.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)