|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Muscle] NIST Services
From: Peter Tomlinson (pwt
iosis.co.uk)
Date: Fri Apr 15 2005 - 16:45:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
No, but the takeup by citizens is not always very high. I hear the Japs
also have a poor takeup. Is there something missing from the customer
proposition? Not enough essential or even convenient services, perhaps?
Peter
Scott Guthery wrote:
> Anders:
>
> 1) The CEPS documents were full of "Payments" and we know how successful
> CEPS was.
> 2) I don't find "Payments" in many of the IAS/eID/CEN-224 documents
> either.
> 3) Aren't European card progams always "yet to be launched" :-)
>
> Cheers, Scott
>
> -----Original Message-----
> From: muscle-bounceslists.musclecard.com
> [mailto:muscle-bounceslists.musclecard.com] On Behalf Of Anders
> Rundgren
> Sent: Friday, April 15, 2005 5:18 PM
> To: MUSCLE
> Subject: Re: [Muscle] NIST Services
>
> I have a rather orthogonal comment to this.
>
> If you search for "Payments" or "GPEA" (Government Paperwork Elimination
> Act) in the FIPS-201 and SP800 documents you get zero hits.
>
> This part will be the biggest difference between PIV and its yet to be
> launched European counterparts.
>
> That is, the well-known US obsession for "security" comes at a price:
> Limited utility. In the EU we can't afford programs with such a limited
> scope except maybe for the 51:th state (The UK).
>
> There is a background to all this. Which Internet standard used by all
> "Netizens"
> has the lowest degree of security and credibility? That ought to be
> e-mail.
> The e-mail security add-on (S/MIME) was mainly designed by
> NIST/FPKI/IETF (essentially the same guys with different hats on) which
> has never gotten widely used as it does not scale outside of tightly
> managed circles. As we all know this has led to a very costly spread of
> e-mail-based viruses, spam and phishing.
> PIV is actually closely related to this proven deficient security
> architecture.
> The alternative takes another angle on security which is built on proven
> methods of establishing trust on a global scale, mainly borrowed from
> the financial sector.
>
> What's a bit odd is that almost all the technology for the likely
> alternative ("a scalable and secure architecture for information
> exchange and collaboration") is actually coming from US SW and HW
> vendors!
>
> Anders
>
> _______________________________________________
> Muscle mailing list
> Musclelists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>
>
>
> _______________________________________________
> Muscle mailing list
> Musclelists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]