One certificate doesn't work for all

While some organizations are moving toward creating a public-key infrastructure, others are still holding back before jumping in.

Ohio chief information officer Greg Jackson said his organization looked into creating a central PKI authority and asked other agencies to make a business case for applications requiring such a system. He said he could only justify one application — local health boards transmitting infectious disease reports to the Centers for Disease Control and Prevention — that would have required a higher level of authentication. All others would have just needed passwords and user IDs to access them.

"That's a technology looking for a solution," he said.

He was also concerned about the liability of a government, which acted as a certificate authority. He likened it to the issue concerning driver's licenses — originally issued only as legal permission to drive — being used as de facto national identification.

Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.