
US Postal Public Key



The list Cyberia posted an article yesterday on the US Postal 
Service's plan to use a public key system for email. 

If anyone wants the full posting, email me; it's about 25K.


Below are excerpts:


Quote:

Quebec City, Canada, August 3, 1994--The U.S. Postal Service has
dramatically increased its commitment to the security of
communications on the NII, with the announcement of Postal
Electronic Commerce Services ("Postal ECS"), which will offer a
nationwide public key certification service for the authentication
of digital signatures used in paperless electronic commerce.

Richard Rothwell, Senior Director of Technology Integration for the
USPS, officially released the news today in Quebec City, in a paper
delivered to an international working group of the Information
Security Committee of the American Bar Association's Section of
Science and Technology, which has been developing guidelines for
public key certification authorities.

[Speech is all in uppercase]

* * *

AS MANY EXPERTS HAVE NOTED, INCLUDING MANY OF YOU IN THIS
ROOM, DIGITAL FILES AS A RULE ARE NEITHER AS SECURE NOR AS
ELECTRONIC COMMERCE CONVEYS.  BUT WITHOUT SOME METHOD OF SEALING
A DIGITAL FILE TO ESTABLISH ITS CONTENTS, AUTHOR, AND TIME OF
TRANSMITTAL, THE BENEFITS OF ELECTRONIC COMMERCE WILL INEVITABLY
BE LIMITED TO HIGHLY STRUCTURED TRANSACTIONS BETWEEN PARTIES THAT
KNOW AND TRUST ONE ANOTHER.

* * *

THE POSTAL SERVICE IS USING PUBLIC KEY ENCRYPTION TECHNOLOGY, AND
RELATED TECHNOLOGIES, TO DEVELOP A PUBLIC KEY CERTIFICATION
AUTHORITY AND A SET OF ASSOCIATED TRUSTED THIRD PARTY SERVICES
WHICH WE CALL POSTAL ELECTRONIC COMMERCE SERVICES (POSTAL ECS).

WHEN INITIALLY DEPLOYED, POSTAL ECS WILL PROVIDE A BASIS FOR
ELECTRONIC ASSURANCES WITHIN AND AMONG GOVERNMENT AGENCIES, AND
BETWEEN GOVERNMENT AGENCIES AND THEIR CONSTITUENTS.  IN
PARTICULAR, THE POSTAL SERVICE HAS DEVELOPED THE ABILITY TO:
     
     - ISSUE PUBLIC KEY CERTIFICATES AND STORE THEM IN A
       PUBLIC DIRECTORY;
     - PROVIDE FOR THE "SEALING" OF SELECTED DOCUMENTS OR
       OTHER ELECTRONIC OBJECTS AND ASSOCIATING THEM WITH A
       DIGITAL SIGNATURE AND A TRUSTED TIME AND DATE STAMP;
     - PROVIDE SERVICES FOR PUBLIC KEY CERTIFICATE PUBLICATION
       AND REVOCATION; AND,
     - PROVIDE THE ABILITY TO ENCRYPT CONFIDENTIAL INFORMATION
       MOVING BETWEEN THE USER ENVIRONMENT AND THE POSTAL ECS
       MANAGEMENT SYSTEM.
     - FINALLY, PROVIDE NEAR REAL-TIME ACCESS TO CERTIFICATES
       AND THEIR STATUS.
     
THE CERTIFICATION AUTHORITY WILL ISSUE AND MANAGE X.509 PUBLIC
KEY CERTIFICATES CONTAINING A PERSON'S X.500 DISTINGUISHED NAME,
PUBLIC KEY, AND OTHER IDENTIFYING INFORMATION.  USERS CAN THEN
RETRIEVE A CERTIFICATE FROM THE POSTAL SERVICE, AND USE ITS
PUBLIC KEY TO AUTHENTICATE A DIGITAL SIGNATURE GENERATED BY THE
COMPLEMENTARY PRIVATE KEY.

* * *

THESE USER AGENTS CONTAIN STANDARD PROGRAMMING INTERFACES THAT
LINK USER APPLICATIONS, CRYPTOGRAPHIC ROUTINES, AND ECS SERVICES
TOGETHER.  OUR INITIAL IMPLEMENTATION IS BASED ON THE DIGITAL
SIGNATURE STANDARD (DSS) ALGORITHM SET; BUT OUR PLAN IS TO
SUPPORT OTHER CRYPTOGRAPHIC OPTIONS SUCH AS RSA IN THE NEAR
FUTURE.

* * *

IN KEEPING WITH THE PHILOSOPHY I HAVE ARTICULATED, LET ME SAY
THAT THE POSTAL SERVICE, IN ANY DEVELOPMENT OF THESE PRODUCTS,
INTENDS TO SUPPORT MULTIPLE CRYPTOGRAPHIC PRODUCTS IN THE MARKET
PLACE.  IN ADDITION, WE WILL NOT COMPETE WITH NETWORK SERVICE
PROVIDERS, NOR WILL WE BECOME A NETWORK OR CARRIER.

* * *

End Quote.