DCA MR: public key certification body registration

[David Chia]

> 
> What is needed is a smart card which generates its own key-pair and
> does the signing internally.
> 

Part of our proposed UNTPDC certification framework,
for reasons of security, and ease of use.

> As of a week or two ago, this did not really exist.  Now it does:
> 
> * Generates its own 1024 bit RSA key-pair with no possibility 
>   of exporting the private key. 
> 
> * Produces digital signatures internally.
> 
> * Stores certificates.
> 
> * Is produced by a major smartcard manufacturer.
> 
>    http://www.gemplus.com/presse/gpk4000_uk.htm
> 

They are one of the UNTPDC's strategic research associate.
They will be present at the Melbourne UN conference.
The other smartcard research associate that will be there
is De La Rue (ex Philips). Incidentally De La Rue card
will be running on system developed by the Philips Research
Lab in Melbourne. Of course SUN will want to talk about
their Java smartcard Spec and Gemplus is supposed to have one
under testing.

> 
> If we can get to a situation where all signatures and key-pairs are
> generated in this way - which involves suitable hardware interfaces
> for smart-cards on every computer or purchasing situation we want to
> use them in - then I think it will be a good outcome.
> 

I was told low cost (comparable to that for a floppy drive?)
serial port smart-card reader might be available for purchase
at the UN conference.

Hmm. I swear this is not a Dorathy Dix (sp?) question and answer.


David Chia,
RMIT University.