[KI-LC] PKI vs Non-PKI based trust models

Rainer Hörbe rainer at hoerbe.at
Mon Mar 14 08:08:41 EDT 2011

John, Patrick and I had a discussion about the pros and cons of federation models based on credentials versus assertions. The attached document is a preliminary result with conclusions like
PKI and non-PKI federation models need to be combined in most cases at higher LoA
To implement a federation an RFC 3647-style policy is insufficient; A more complete Trust Framework is needed
Whereas the Higher Education sector favors brokered trust, e-Government and Industry prefer the PKI approach. But it is not a question of one way or the other. 

Request for feedback:
I wonder where this discussion should be homed. FIWG, BCTF and TFMM are related, and it is also an extrakantarian issue. Any interest to take over this discussion?  

- Rainer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/lc/attachments/20110314/aedee619/attachment-0002.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki vs non-pki.pdf
Type: application/pdf
Size: 94111 bytes
Desc: not available
Url : http://kantarainitiative.org/pipermail/lc/attachments/20110314/aedee619/attachment-0001.pdf 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kantarainitiative.org/pipermail/lc/attachments/20110314/aedee619/attachment-0003.html 

More information about the LC mailing list