EC98'ppt - PowerPoint PPT Presentation

About This Presentation
Title:

EC98'ppt

Description:

... Interoperability Panel. Lessons from the NACHA CA Interoperability Pilot ... Develop operating rules and guidelines to honor customer certificates between FIs ... – PowerPoint PPT presentation

Number of Views:35
Avg rating:3.0/5.0
Slides: 9
Provided by: davidm75
Learn more at: http://www.oasis-pki.org
Category:
Tags: ec98 | nacha | ppt | rules

less

Transcript and Presenter's Notes

Title: EC98'ppt


1
PKI Forum Technical Interoperability Panel
Lessons from the NACHA CA Interoperability
Pilot March 6, 2000 Julie F. Hedlund Senior
Director, Electronic Commerce, Billing Payment,
NACHA
2
Pilot Goals
  • Financial institutions function as certification
    authorities and registration authorities for
    their customers
  • Develop operating rules and guidelines to honor
    customer certificates between FIs
  • Develop a legal framework to establish liability,
    warranty flows
  • Achieve technical interoperability to support
    communication between multiple vendors

3
Pilot Participants
  • Bank of America
  • Citibank
  • Mellon Bank
  • Zions Bank
  • CertCo
  • Digital Signature Trust
  • Entrust
  • GTE CyberTrust
  • IBM Corporation
  • VeriSign

4
Interoperability
  • Pilot Tests Interoperability, defined as
  • technical interoperation
  • CRL minimum, OCSP optional
  • COTS whenever possible
  • Not a production standard
  • Not evaluating hierarchy
  • liability, warranties, defined business flow
  • participants understanding of roles and
    responsibilities

5
Overall Pilot Flow
Merchant Bank
Consumer Bank
(4) Merchants Bank validates Consumers
cert with Consumers Bank
(5) Merchants Bank gives status of
Consumer to Merchant
(1) Certs to Consumer
(3) Merchant sends Consumers cert to
Bank
(A) Consumer completes debit authorization
Consumer
Merchant
(2) Consumer sends signature and cert
to Merchant
6
Lessons Learned Pilot Implementation
  • Standards do not guarantee interoperability
  • cooperation and testing required
  • Specs should be defined in detail before testing
    begins
  • included in legal agreements?
  • Signature separate from SSL session
  • Revocation is pivotal
  • LDAP v. 2, CRL Pull minimum, 8 hour latency
  • OCSP Optional
  • binary check, merchant not notified of reason

7
Revocation, Revocation, Revocation
  • Revocation of a consumer's certificate proved to
    be the biggest challenge for all four banks
  • One bank did not offer revocation, others took
    1-4 days to process
  • Processing requests required manual intervention.
  • One bank revoked all certificates, not just the
    one requested
  • Focus on obtaining, exchanging revocation
    information -- need more focus on revocation
    processes

8
Opportunities...
  • CA Validation of authorization and performance
  • Authentication of revocation requests
  • Address scalability, both technical and legal
  • Online certificate issuance
  • Mutual authentication
  • Automated revocation response
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "EC98'ppt" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!