[LINK] government agencies' use of digital certificates

Tom Worthington Tom.Worthington at tomw.net.au
Mon Sep 11 09:10:52 AEST 2006


At 12:50 PM 9/6/2006, Roger Clarke wrote:
>At 9:50 +0800 6/9/06, brd at iimetro.com.au wrote:
>>... which/how many Australian government agencies enforce digital 
>>certificates for communication
>>with all external parties?
>
>Taken literally, an agency would most likely be in breach of the 
>AGAF if they enforced dig sigs in respect of all communications ...

Yes. Have a look at my quick summary of the various bits of the 
Australian Government e-Authentication Framework 
<http://www.tomw.net.au/technology/it/egovernment/index.shtml#agaf>.

>For various reasons, dig sig penetration has been signally unsuccessful.

Digital certificates are fiddly to use. At one I had about half a 
dozen digital certificates, none of which worked.

>That said, there are a couple of operational applications, in 
>particular the ATO for BAS and similar - a requirement that is 
>imposed on medium and large corporations. ...

I never got my ATO BAS certificate to work. Then I couldn't cancel 
the certificate, as I had to use it to identify myself to ATO's 
outsourced support center in order to have it cancelled.

ps: At the talk I went to in a bunker last week, AGIMO mentioned 
using a single sign-on via Australia.gov.au 
<http://www.tomw.net.au/blog/2006/09/government-service-point-and-search.html> 
. Identification from one agency or a private company (such as a 
bank), might be used for doing government business. That sounds more 
workable. The public wouldn't actually be using email, just typing 
into a web page on the secure site.

There are obviously lots of issues with this approach, particularly 
if they used the Microsoft security management technology.

See also: "Australia Post decides to cease KeyPOST" in the Link 
archives <http://www.anu.edu.au/mail-archives/link/link9904/0026.html>.



Tom Worthington FACS HLM tom.worthington at tomw.net.au Ph: 0419 496150
Director, Tomw Communications Pty Ltd            ABN: 17 088 714 309
PO Box 13, Belconnen ACT 2617                http://www.tomw.net.au/
Director, ACS Communications Tech Board   http://www.acs.org.au/ctb/
Visiting Fellow, ANU      Blog: http://www.tomw.net.au/blog/atom.xml  




More information about the Link mailing list