British Standards Institution

Source:: ISO/IEC
Committee:: IST/6 - Data communications
Categories:: Information management | Standardization. General rules | ICT | Information technology

Scope

The proposed standard is intended to be a new part of the ISO/IEC 9594 series. It will be developed as collaborative work with ITU-T Study Group 17. It is intended to be developed as common text and is expected also to be part of the ITU-T X.500 series of Recommendations.

The scope is to develop a specification for a Decentralized Public-Key Infrastructure (DPKI) based on the blockchain technology allowing a worldwide PKI where trust is established by consensus.

Purpose

Public-key infrastructure (PKI) as defined by Rec. ITU-T X.509 | ISO/IEC 9594-8 is one of the most important cybersecurity standards. It is widely used for securing net-banking E-government, E-Health, security in the power industry, etc. Most PKIs have a limited scope with respect to area or application. Interconnection PKI domains is possible but has challenges in establishing mutual trust.

The world is changing and there is a growing requirement for a PKI that covers the world, where trust is establish through consensus and not by a long chain of trust and where selected PKI information is available all over the world.

WHO has some plans for vaccination certificates issued by different countries to be made accessible worldwide. The cybersecurity then demands that X.509 certificates (public-key certificates and attribute certificates) are available and trusted all over the world. Similar requirement has been expressed within the telephone area, where fraud is a problem.

The proposed project will establish a decentralized PKI (DPKI) providing an additional capability to the current PKIs by allowing them to be attached to a worldwide blockchain in addition to their current services. Each certification authority (CA) can decide what of its issued X.509 certificates are made available within such a DPKI.

The DPKI is already under development within ITU-T Study Group 17. It will be a permissioned blockchain, where only trustworthy can participate. The project makes use of already established techniques and the adapting them to the specific purpose.

Comment on proposal

Required form fields are indicated by an asterisk (*) character.

How important do you think standardization is in this area? *

Do you agree that a standard on this subject is feasible?: *

Please give reasons for your selections above: *

Would you or your organization use the standard? *

Would you or your organization be prepared to participate in the development of the standard or to comment on the draft when it is available? *

Are you aware of any regulation, existing standards and other good practice information in this area in the UK (e.g. Industry codes of practice; company specifications, international or European Standards)? *

Would the development of a standard(s) in this area have a particular impact/relevance to SME, consumer, environmental or societal interests? *

Are you aware of any other organizations to which this proposal may be relevant? If so please provide details below. *

Additional comments on the scope or proposal:

Although BSI will not usually enter into correspondence regarding individual comments or suggestions we may wish to contact you to seek further clarification. Please indicate whether this will be acceptable: *

Discard

Please email further comments to: debbie.stead@bsigroup.com

Standard timeline

1. Proposal

Proposal start date:

11/11/2022

Proposal end date:

05/01/2023

2. Draft

3. Public Comments

4. Comment Resolution

5. Approval

6. Publication

Learn more about the standards development process

Standards Development

ISO/IEC NP 9594-13 (Ed 2) Information technology -- Open Systems Interconnection -- The Directory -- Part 13: The Directory: Decentralized public-key infrastructure (DPKI)

Scope

Purpose

Comment on proposal

Discard changes?

Submit comment

Submit comment

Follow standard

Unfollow standard

Error