The New OASIS PKCS 11 Technical Committee

Categories: Trusted Identity

As I mentioned in an earlier blog, RSA is transitioning the PKCS #11 standards effort into OASIS. The call for participation for the new OASIS PKCS 11 Technical Committee has now officially gone out from OASIS leadership, describing the process for joining the TC. The new public page for the PKCS 11 TC provides information regarding our first meeting on March 4th, as well as the goals, charter and other information about the committee.

We have an impressive list of initial sponsors for the TC, including Athena Smartcard, Bloomberg, Cryptsoft, EMC, HP, Oracle, Quintessence Labs, SafeNet, SecureAuth and Thales eSecurity. As a long-time advocate for PKCS #11, as well as the convener for the TC, it’s been great for me to see the level of interest in revitalizing PKCS #11. We knew there needed to be new mechanisms, new language bindings and new functionality for the PKCS #11 API in existing areas of usage such as HSMs and smartcards. But there is a strong and growing interest among committee members in developing the API to address critical requirements in new areas for PKCS #11, such as cryptographic interfaces for mobile and cloud computing environments. We’re also looking forward to strengthening PKCS #11 in other ways, such through providing new implementation guidelines, establishing processes for interoperability testing and defining conformance profiles.

diagram

If you’re interested in cryptographic capabilities and cryptographic interfaces, I hope you’ll consider joining the PKCS 11 TC. I look forward to seeing you at the first meeting!

Bob Griffin
Author:

Bob Griffin is Chief Security Architect at RSA, the Security Division of EMC, where he is responsible for technical architecture, standards and strategy, particularly for RSA’s data security products. He represents EMC to several standards organization, including as co-chair of the OASIS Key Management Interoperability Protocol (KMIP) technical committee. Bob has extensive experience in security strategy, corporate governance, business process transformation and software development. He has had the primary architectural responsibility for a number of production systems environments and for major software engineering projects at RSA, Entrust and Digital Equipment Corporation,. He is a frequently requested speaker for professional and industry conferences and has instructed courses within both professional and university settings.