• silicon.com
• Technology
• Security

By Sally Watson, 8 January 2001 15:30

NEWS Launched this month under the direction of the European Forum for Electronic Business (EEMA), the E1m (£634,000) scheme will be the first to bring together competing PKI technologies for independent testing in an attempt to establish a single set of standards for Europe. According to Jane Hedson, special project manager at EEMA, the idea grew from user dissatisfaction. She said: "The lack of interoperability is slowing down the progress of electronic business." Frequently hailed as the answer to internet security problems, PKI enables users to privately exchange data or money using a public and a private cryptographic key pair - obtained and shared through a certificate authority (CA). The problem facing most users is that both the sender and recipient need to use the same product. EEMA's project - dubbed the PKI Challenge - will bring together up to 25 different technologies to be tested by researchers at the UK Post Office laboratories. The process will be overseen by participating vendors and independent experts. The researchers will use Canadian vendor Entrust's product as their base technology. Hedson said: "We thought long and hard about the basic solution. We felt Entrust's was the most open - although not necessarily the best or the cheapest." Complaints from the user community about the lack of interoperability between products have been long and loud. A number of commercial groups have established standards for different vertical markets - like Identrus for the financial community - but despite these efforts and the commercial PKI Forum, consensus has remained elusive. Ian Walker, technical director at Entrust, defended the industry's progress. He said: "In terms of interoperability we're a lot further along than many people think - we're almost there for secure mail. Although, in terms of having total 'mix and match' products and services we still have a little way to go." Walker welcomed the extra impetus an independent organisation like EEMA will provide, but warned that another set of competing standards will only damage the industry. "They should fix on existing systems and actively demonstrate a move forwards," he said. The PKI Challenge will hold its first meeting on 31 January.