Is There a Certificate in Your Future?
Presented by Ed Krol, CCSO

The X.509 standard for digitally determining who you are and what you can do has been in place for quite a while.  People have been talking about the utility of its facilities for years but little wide-scale acceptance has happened to this point.  This is mainly because of a big chicken and egg problem: the technology requires a lot of policy and infrastructure to deploy and no one is willing to make the investment without an application in the wings.  Now the Federal government is leaping on this technology with both feet and wants higher education to follow.  We will look at the basis for this technology, why it is attractive, what it buys you, and what the impediments and problems with implementation are.

Presentation Outline:

Motivation
         Authentication & Authorization

         Certificates in an Auth/Auth role
         Federal Pressures

Technology
         Public Key
         Certificates    
Uses
                  Identification
                  Encryption
                  Authorization
                  Digital Signatures
         How many certs are necessary
         Relationship to LDAP

Trust Models
         Self Signing
         Certificate Authorities
         Who do you trust

Impediments to Deployment & Problems
         Digital signature
         Key escrow
         Key distribution
         Key management issues