ISOC PKI Working Group
Frequently asked questions
The following FAQ-section was compiled by Francesco Orlando and Remo Tabanelli, members of the ISOC-PKI Working Group. Note that the answers in the FAQ reflect the recommendations of the working group, as presented in the White Paper, not necessarily any views or policies ISOC might have on the issues discussed in it.
Q.1) What's the purpose of the ISOC-PKI working group?
A.1) The purpose is to discuss the possibility of implementing a PKI
used exclusively within the Internet Society
Q.2) What will ISOC-PKI be useful for?
A.2) The purpose is to identify Internet Society (ISOC)
Members when they interact electronically with ISOC, ISOC Chapters or
other bodies relating to ISOC. An example would be electronic voting.
Q.3) What is PKI?
A.3) PKI, (Public Key Infrastructure), is a system that facilitates the distribution of public keys for Public Key Cryptography It is an infrastructure to provide a secured environment to transfer data from one point to another, with allowed and verifiable identity. As there are many security infrastructures available, PKI provides us with a cohesive set of procedures and services to conduct a secured transaction. The PKI provides a complete life cycle management system in handling keys and certificates.
Q.4) Why PKI was preferred to other systems like PGP?
A.4) That choice was dictated exclusively from the application's need.
Because the ISOC members and the ISOC organizational structure are
viewable as a "managed Closed User Group" mapping the ISOC by a simple
PKI infrastructure is straigthforward.
Q.5) What are the needs of ISOC to equip itself with this PKI?
A.5) PKI has the potential to be useful to ISOC in helping to validate
the identity of its Members. PKI will permit to identify Members
univocally while they vote, and while they approach ISOC's secured web
sites.
Q.6) Can anyone ask to obtain an ISOC's identity certificate?
A.6) No, because ISOC-PKI is intended for ISOC's internal use
only.
Q.7) Where may I ask for an ISOC's identity certificate?
A.7) When the ISOC-PKI will be activated, the Members will apply for a
certificate directly from ISOC.ORG, or from the local ISOC Chapter, where one exists.
Q.8) What constitutes the personal identification of a paying Member
of a Chapter?
A.8) The personal identification consists of verifying
the exact
correspondence between name, email and ISOC-id
by a trusted delegate of the Registration Authority (the local
Chapter).
Q.9) What constitutes the personal identification of a Global Member
without Chapter affiliation, or when a Chapter does not charge membership
fees?
A.9) The personal identification consists of verifying the
exact correspondence between name, email and ISOC-id.
This requires a meeting in person with the Registration Autority to
provide at least one form of legal photo identity documentation (a
valid personal document carrying a recent photo that allows the sure
identification of the Member.)
Q.10) How may I obtain a digital certificate if I live in a country where
there is no local ISOC Chapter ?
A.10) You will have to apply for the certificate directly
from ISOC. For this identification a payment covering expenses may
be requested.
Tommi Karttaavi/2004-01-21