We use cookies to give you the best experience and to help improve our website

Find out what cookies we use and how to disable them

ISO/IEC NP 9594-13 (Ed 2) Information technology -- Open Systems Interconnection -- The Directory -- Part 13: The Directory: Decentralized public-key infrastructure (DPKI)

Scope

The proposed standard is intended to be a new part of the ISO/IEC 9594 series. It will be developed as collaborative work with ITU-T Study Group 17. It is intended to be developed as common text and is expected also to be part of the ITU-T X.500 series of Recommendations.

The scope is to develop a specification for a Decentralized Public-Key Infrastructure (DPKI) based on the blockchain technology allowing a worldwide PKI where trust is established by consensus.

Purpose

Public-key infrastructure (PKI) as defined by Rec. ITU-T X.509 | ISO/IEC 9594-8 is one of the most important cybersecurity standards. It is widely used for securing net-banking E-government, E-Health, security in the power industry, etc. Most PKIs have a limited scope with respect to area or application. Interconnection PKI domains is possible but has challenges in establishing mutual trust.

The world is changing and there is a growing requirement for a PKI that covers the world, where trust is establish through consensus and not by a long chain of trust and where selected PKI information is available all over the world.

WHO has some plans for vaccination certificates issued by different countries to be made accessible worldwide. The cybersecurity then demands that X.509 certificates (public-key certificates and attribute certificates) are available and trusted all over the world. Similar requirement has been expressed within the telephone area, where fraud is a problem.

The proposed project will establish a decentralized PKI (DPKI) providing an additional capability to the current PKIs by allowing them to be attached to a worldwide blockchain in addition to their current services. Each certification authority (CA) can decide what of its issued X.509 certificates are made available within such a DPKI.

The DPKI is already under development within ITU-T Study Group 17. It will be a permissioned blockchain, where only trustworthy can participate. The project makes use of already established techniques and the adapting them to the specific purpose.

Comment on proposal

Required form fields are indicated by an asterisk (*) character.


Please email further comments to: debbie.stead@bsigroup.com

Follow standard

You are now following this standard. Weekly digest emails will be sent to update you on the following activities:

You can manage your follow preferences from your Account. Please check your mailbox junk folder if you don't receive the weekly email.

Unfollow standard

You have successfully unsubscribed from weekly updates for this standard.

Error