PKI and Digital Signatures Update

PKI and Digital Signatures Update

Benefit from a technology finally becoming mature (PKI: from Please Kill It to Promote and Keep It)

28 June 2006 (14-21)
Location: Sofitel Diegem (Diegem near Brussels (Belgium))
Presented in English
Price: 540 EUR (excl. 21% VAT)

This event is history, please check out the List of Upcoming Seminars, or send us an email

Check out our related in-house workshops:

Full Programme:
13.30h - 14.00h
Registration, coffee/tea and croissants
14.00h - 14.50h
Basics (PKI finally unleashed)
- Erik R. van Zuuren and Cristof Fleurus (Ascure)

PKI is becoming an important part (maybe even cornerstone) of any ICT-/eBusiness-infrastructure. It supports important functionality. No supporting infrastructure can be well designed if one does not know the expected functionalities (and their criticality / security requirements). This especially is true for PKI's. Some examples:

  1. PKI can be used to issue so-called certificates (i.e., the "digital passports") to authenticate a user before allowing access. The coinciding security requirements depend on the value of information behind it.
  2. PKI can be used to issue so-called certificates to sign documents for authenticity and integrity reasons or for formal contractual reasons. The coinciding security requirements depend on required proof-of-authenticity and potentially required level of liability.
  3. PKI can be used to issue so-called certificates to encrypt confidential information (either at communications- or at data-level). The coinciding security requirements depend on the value of information behind it.

So, design of a good PKI (and its environment - see below) depends on its usage. In this chapter we will give an overview of how and where PKI can be used and fly over the most important components/parts of a PKI-enabled infrastructure. This chapter will be illustrated with some PKI implementation examples among which the Belgian eID PKI.

14.50h - 15.40h
Legal and Standards
- Sylvie Lacroix and Olivier Delos (SEALED)

From the legal and regulatory side, there are no more legal barriers nowadays to use PKI. In particular, we have in Europe more than 5 years of e-signature practices, since the Member States implementation of the European Directive 1999/93/EC on electronic signature framework and the provisioning of underlying certification services. On the technical side, we will see that there are numerous standards guiding PKI implementations aiming to provide a technical framework to reach some interoperability between PKI-based applications.

However, we are still facing some discrepancies between technical and legal point of views leading sometimes to strange practical implementations, even when relying on the eID scheme. This section shall explain how to reconcile technical and legal perspectives provided correct implementations are in place.

15.40h - 16.00h
Coffee/Tea and Refreshments
16.00h - 16.50h
PKI-enabled Architectures
- Erik R. van Zuuren and Cristof Fleurus (Ascure)

In this session, we will treat several aspects of a PKI-enabled infrastructure and give you an important amount of useful information:

  • How to set up a corporate CA-structure?
  • How to handle (external) trusts?
  • Integration of eID's?
  • How to handle registration/suspension/revocation?
  • How to integrate and manage (S)SCDs?
  • How to integrate into IDM-environments?
  • What about key-vaults and key-recovery?
  • How to integrate with windows-environments?
  • What about potential X-sourcing?
16.50h - 17.40h
PKI and Digital Signature Best Practices
- Sylvie Lacroix and Olivier Delos (SEALED)

As it remains very difficult to map available standards to a particular business context, there is a clear need for guidelines to provide trusted PKI-based services and to develop, implement and deploy trustful PKI supported applications.

This chapter shall present the four domains to be taken into account in order to reach best practices for the implementation of PKI based services or supported applications: the legal & regulatory environment, the policies framework (based on the coinciding RFC's and best practices), the design guidelines and the specific technology aspects. This four domain principle shall be illustrated by the DIS-Institute initiative around trustful implementation of Belgian eID supported applications.

In particular, this section will also aim to give a good understanding of Certificate Practices Statement and Certificates Policies, and other more application-oriented policies such as Signature and Authentication Policies.

17.40h - 19.00h
19.00h - 19.50h
PKI-Application and technologies
- Erik R. van Zuuren and Cristof Fleurus (Ascure)

PKI only gets to its real potential when it is being effectively used. Therefore this chapter shall provide an overview of immediately available or soon to become available technology (and how it works) you can use to support your business or improve your security:

  • Strong Authentication for eBusiness, eGovernment
  • Strong Authentication-options within Windows-environments
  • Document-Signing Solutions within the market-place
  • Getting Form-Signing into production
  • Data Protection-Solutions available now
19.50h - 20.40h
Available applications
- Sylvie Lacroix and Olivier Delos (SEALED)

This section of the seminar shall be devoted to the description of current PKI supported applications or services while detailing several interesting case-studies with a clearly identified ROI:

  • Ministry of Flemish Government (G2C, G2G)
  • eID implementation at the Flemish Water Company VMW - Vlaamse WaterMaatschappij (G/B2C)
  • eTrienal project from the Walloon Region (G2G)
20.40h - 21.00h
Final Q & A
End of this seminar
        SPEAKERS »

Questions about this ? Interested but you can't attend ? Send us an email !