On Sun, 2003-12-21 at 06:39, Richard D Piper wrote:
In Australia, there is HESA (http://www.hesa.com.au), which provides this service. It is just complex to administer and for the end-users to configure/understand.
Richard,
There has been a long, ongoing discussion of PKI, HeSA and HIC, GPG/PGP and related topics on the Australian GPCG-talk (General Practice Computer Group) list over a period of several years. Unfortunately, I am not aware of any net-accessible searchable archives of that list, but I probably have many of the message squirrelled away in my mail archives if you are interested.
If they were not too hard to find, I would be interested.
Some of the deficiencies of the HeSA system have been addressed - such as a simplified user agreement (the original was over 50 pages long) - and client software libraries (for Java I think) which now support Linux and Mac OS X systems as well as Windows. But it is still a closed source system, and still uses dongles or tokens to hold the user's private signing and encryption keys (which has good and bad points - personally I think hardware devices are unnecessary but I concede that secure management of private keys without them is a non-trivial issue). Not sure if facilities for automated look-up of certificate revocation files have improved - that was also a problem.
I have been trying to get them to support Mozilla for some time (even on Windows); there is a "beta" guide to this which I am looking at. I find it hard to understand how they could have implemented a system that was meant to embrace an open standard, and then only really supported Windows for so many years.
However, the biggest problem of the HeSA system is that they insist on generating key pairs on behalf of the end user, and then (hopefully securely) distributing them to the user. Of course, this modus operandi undermines the entire idea of private keys - that no-one else knows them, not even the certificate or registration authorities. I believe that HeSA may have or be about to give in to pressure to change this. I refuse to consider the HeSA PKI until they allow key pairs to be self-generated (and the public key securely and provably transmitted to the registration and certification authorities for signing and publication).
One of the real problems with their approach is that it is a huge amount of work to verify identities on a national basis, and keep up with the re-issuing of certificates that have to be revoked. Identifying someone who works in the same hospital is easy ... but not someone you have not met who lives on the other side of the country. It was slow and complicated applying for the HESA dongle, ... just imagine that replicated for every medical practitioner in the country (to start and then each time they lose their dongle).
5. Use a gpg based infrastructure (doesn't easily support web browsers and most email clients require lots of setup to use)
This works on a "web-of-trust" type approach, which may not provide sufficient security in terms of client identification.
I suspect this is the case.
Oh, have a look at the Argus project at Uni of Ballarat (Google for it) - which amongst other things provides a wrapper around the HeSA PKI. It is currently free, but was funded to be open source and I gather it will be released as such soon.
Thanks I will take a close look at this.
Richard
-- Richard Piper
http://icu-web.org mobile:0438-120860 mail:[EMAIL PROTECTED]
