It is widely accepted that the success of e-commerce depends on a trusted, open authentication framework, for without authentication, nobody can be sure of who or what they are dealing with over the networks. There is broad agreement amongst users, application developers, standards bodies and IT vendors that public key technology provides the best solution. A number of parties in Australia have been working to realise a Public Key Authentication Framework (PKAF), including the Commonwealth Attorney General, OGIT and Standards Australia. In the meantime, several commercial Certification Authorities have set up shop offering public key authentication services for a variety of purposes. Yet no high level consensus has yet been reached on the constitution and control of the PKAF.
Numerous issues are playing out, including possible law reform, technology neutrality, privacy and, last but not least, the fundamental role of government in industry development. As a result, a state of confusion exists which is inhibiting the rollout of much business-to-business electronic commerce. This paper will analyse the major issues and argue for greater government involvement in the establishment of the PKAF in line with the clear market direction.
In the on-line world, the first question has always been "how do I know who I’m dealing with?". The primary problem is of course separation; you have no direct means of telling who is really at the end of the line. In on-line business, the question is turned on its head. To prepare yourself for doing business electronically, the question is "how do I prove to others who I am?". A strategic choice needs to be made as to the authentication technology that will best project your identity and business attributes.
Authentication can be seen as a staircase, as in Figure 1. The first step is to prove your personal identity. In business however this is rarely enough; you need also to prove your authority to deal in the transaction at hand. Different authorities or attributes may attach to different transactions (and a good authentication technology will cope with this variability).
Figure 1: The Authentication Staircase
At the top of the staircase is "Persistent ID" — the ability to prove yourself to multiple parties with the one authenticator. This is not merely a matter of efficiency. Persistent ID is also the key to proving yourself to people who don’t already know you, one of the ultimate goals of much e-commerce. Remember that password authentication (including random or one-time PIN generators) only serves to identify you to an entity that already knows you, via a server where you have been previously registered.
In authentication debates, much is made of the "aggregation of trust" in traditional business dealings. For example, you tend to build up relationships over time with retailers or suppliers, where familiarity, experience and physical presence all add to the security of your transactions. Aggregation of trust is all but impossible in a purely electronic environment.
Many electronic authentication schemes, especially public key schemes, are based on a "delegation" of trust in place of aggregation. This has struck some as abnormal, yet this form of trust is well worn in many types of business, especially where people act as officers of organisations or members of special groups.
Medical doctors are a good example. A doctor is authorised to write drug prescriptions and a pharmacist will usually fulfil a prescription without personally knowing the doctor who wrote it (after all, we would expect the doctor’s signature to be illegible!). The pharmacist’s ability to trust the prescription is based on there being systems for issuing prescription forms only to registered doctors. So the pharmacist trusts some parent body rather than the doctor herself.
A variety of authenticators are available in electronic commerce, including passwords, PINs, public-private key pairs, and biometric measurements such as fingerprints and signature dynamics. Authentication can be characterised as involving one, two or three "factors". The first factor is something you know, say a password. The second factor is typically something you own, such as a key pair. And the third factor is typically something you are; that is, a biometric. True ownership of second and third factors is the basis of strong authentication, and this is where certificates come in.
A Certification Authority (CA) is a trusted agent that binds the owner to their authenticator(s). A certificate is a tamper resistant document that evidences the binding and traces it back to the CA. Different standards of identification may apply to the recipients of different certificates, and higher "value" certificates obviously merit more stringent identification protocols. For personal certificates, this commonly means the presentation of high grade identification documents, but for special purpose business certificates, identification may be implicit in existing, pre-certification processes. A doctor for instance may not have to present her passport and drivers licence in order to obtain a certificate if her registration board was to act directly as a CA, since she will have already been identified at the appropriate level.
In all cases, the policy under which a CA issues its certificates is of paramount importance. The certificate policy specifies the intended use of the certificates and documents the identification protocols that are to be followed.
Public key certificates are themselves authenticated by digital signatures and so each CA needs its own certificate. A hierarchy of CAs and a chain of trust naturally emerges. While lower levels CAs issue certificates to end users, higher level CAs are dedicated to certifying other CAs. A "CA certificate" is only good for signing certificates.
Now, whereas to qualify for a user certificate, a user must submit to identification by a CA, in order to qualify for a CA certificate, a CA must satisfy the issuer of their fitness to operate as a CA. Typically, the higher level issuer will in fact write the policies for the CAs it certifies (probably in cooperation with those CAs) and is therefore often dubbed a "Policy Creating Authority" (PCA).
Standards Australia in 1996 published a detailed discussion paper on the form and function of an Australian national Public Key Authentication Framework or "PKAF" [1]. The paper defined the roles of different levels of CA, from Organisational CA (OCA) at the lower levels, through "Intermediate CA" (ICA, equivalent to PCA), up to a Root CA at the top of the hierarchy. OCAs may delegate registration responsibility to Organisational Registration Authorities (ORAs). See Figure 2.
Figure 2: PKAF schematic structure
Since 1997, Standards Australia sub-committee IT/12/4/1 has been working on the technical standards to realise PKAF. These include uniform certificate profiles, registration processes, certificate policy templates, and an accreditation scheme. At the time of writing, two of the standards had passed through the public comment stage.
The concept of community has become important in the Internet and in electronic business. Membership of communities can be controlled by local OCAs under PKAF.
A vital property of the framework is that certificate policies may be varied from OCA to OCA, subject to the approval of an ICA. Within guidelines to be laid down by the PKAF standards, an OCA and an ICA will be free to reach agreement on policy suitable for the intended purpose of the OCA’s certificates. Validity and recognition of certificates issued under differing policies comes from the policy approval and monitoring functions of the ICAs. If an ICA is trusted to properly certify OCAs (and that includes review and audit of the OCAs’ policies), then all certificates issued by the OCAs may also be trusted, for the purposes for which they were issued. In this way, communities of interest with controlled membership can publish credentials in the form of certificates that are recognisable by users outside those communities.
Consider those bodies which today control registration of certain practising professionals. For instance, a law society and a medical registration board might both establish OCAs in order to issue digital certificates to their members 1. If the processes for issuing those certificates are integrated with present registration practices, then the certificates could represent electronic credentials. Thus, an electronic prescription digitally signed by a doctor could be trusted by a pharmacist, if the doctor’s certificate came from the recognised registration board. And likewise a title search digitally signed by a lawyer could be trusted by a home buyer, if the lawyer’s certificate came from a recognised law society. The relying parties in these respective transactions may care little for the actual identities of the signatories; rather, the relying parties need to trust their credentials.
The ability for people outside such communities to trust the certificates issued from within the communities comes from the ICAs in PKAF. ICAs will help create the certificate policies appropriate for each community, and will monitor ongoing adherence to the agreed processes. The existence of a current OCA certificate issued by an ICA, indicates that the ICA is satisfied in the OCA’s ability to apply its policy and thus that the certificates are fit for their intended purpose. And trust in the ICAs would come from a licensing scheme administered by a peak PKAF registration body.
Note therefore that certificates issued under PKAF by different OCAs are not all equivalent. Topical issues such as "interoperability" of certificates and "cross certification" between CAs seem to have led to a de facto expectation that certificates ought to be equivalent. But this is not the case at all. The certificates issued to doctors and to lawyers in the previous example would all be "PKAF compliant", trusted for their intended purposes, yet clearly they would not be equivalent in any way.
Australia has been at the forefront of public key system developments for at least the last three years. To this day, the PKAF paper represents one of the clearest expositions of public key infrastructure anywhere in the world. The PKAF work was built on the enormous expertise of its many public and private sector participants, and in turn, it has led to a stream of leading edge technical, policy and legal contributions. In this environment, a small number of IT firms and CAs have invested significantly in public key technology and are now beginning to see commercial success. And almost as a culmination of all this work sits the Commonwealth’s own all-of-government PKI — Project Gatekeeper.
In late 1997, the newly formed National Office for the Information Economy (NOIE) commissioned a Working Group to study the implementation of the PKAF [2]. The working group thoroughly endorsed the original PKAF model2, and clarified the structure of both the Root CA and peak policy functions 3. Yet now the rollout of a public key infrastructure in Australia appears to have stalled.
Some months after the Working Group released its recommendations, NOIE published a discussion paper proposing a generalised "National Authentication Authority" (NAA) [3]. A peak PKAF body is expressly not included in the NAA proposal. So, after all the work on PKAF, and even after Project Gatekeeper, the Commonwealth is pulling back from any governing role in public key security. Several issues are still playing out, some of which are examined below. In the meantime, a state of confusion exists which is retarding Australian e-commerce.
Thanks to a widespread presumption that the law doesn’t cope with cyberspace, many are deferring their entrance into e-commerce until governments give some sort of okay. Yet it turns out that no such permission is necessary; there is no legal reason to wait.
In mid 1997, the Attorney-General convened an Electronic Commerce Experts Group (AGECEG) to look into the need for law reform in support of e-commerce in Australia. The AGECEG’s terms of reference directed it to "report on the form and scope of the appropriate arrangements for regulation, if any, of EC transactions" (emphasis added) [4; App 2].
The group submitted its detailed and comprehensive report in April 1998 [4]. In July, the Attorney-General responded favourably to the report, announcing that legislation was to be developed to ‘remove legal obstacles’ to e-commerce [5]. Such law reform was welcome and indeed long anticipated. But a far more important message contained in the AGECEG’s work was lost in the noise: by and large, the law already copes with e-commerce. This piece of good news has yet to sink in with Australian business.
The AGECEG report certainly recommended legislation to clarify the status of electronic signatures, but it also asserted that:
the belief that the technological revolution of necessity entails the need for a legal revolution of the same magnitude is unwarranted. … In a number of areas, little change to existing law is required and the necessary modification and adjustments are readily to hand. [4; para 1.10]
And the Attorney-General’s news release stated:
[There] is clearly no requirement for sweeping changes to the law. Our legal system provides the certainty necessary for on-line commerce, subject to some modifications necessary to take account of technological changes. [5]
Insufficient publicity and explanation has followed the release of the AGECEG’s recommendations. As a result, what is actually a well-reasoned minimal legislative model is being widely misinterpreted by industry as a "do nothing" position on the part of government.
It is argued by most that public key authentication represents one particular technology and that it must not be given preferential treatment. Technology neutrality is a proper goal in all industry policy. Nobody wishes a repeat of the VHS-Beta debacle. And of course, we must remain open to new technologies.
But we must separate technology neutrality in the letter of the law from the possible need for regulation of significant technologies as and when they crop up in the market. There is no industry desire for public key technology to be enshrined in legislation; the AGECEG has shown convincingly that there is not need to do so. Rather, there is a widespread view in the market that it is proper for governments to recognise the commercial and social importance of what has become the dominant authentication technology — public key — by establishing a regulatory regime in the form of PKAF.
In some quarters, public key infrastructures have an undeserved, almost mythical reputation for centralisation and invasion of privacy (see for example [7]). With respect to centralisation, we have seen above how PKAF supports independent communities of interest. Furthermore, the PKAF structure possesses several properties that are in fact very good for privacy, as follows.
Fundamental to the government’s position on a peak body for PKAF appears to be its philosophy of not wishing to ‘back winners’ in industry. Instead, the government prefers for the market to drive technology take-up. In its mission for the information age, the government has expressed a number of guiding principles, including:
The NAA proposal [3] also reiterated this desire for the market to drive the uptake.
The NAA paper claimed that a "variety of authentication products and services, standards and systems [is] likely to be a feature of the Australian electronic commerce marketplace" and that this will be "likely to create some confusion and uncertainty" [3; p6].
The market has of course been driving the uptake of authentication technologies but the fact is that the last two years has seen a dramatic convergence towards public key. There is not any great variety of authentication technologies in use but there is indeed confusion. Many e-commerce users and providers are deeply confused by the lack of tangible policy support from government for where the market is now so clearly going. The policy disconnect is made obvious by Project Gatekeeper, which is seen as a major endorsement by government, as a user, of public key authentication.
The government can be confident that the market has driven this choice, and should now face the question of appropriate regulation of the dominant approach. Safety, security, certainty and openness — all explicit government concerns [8; p8] — in PKAF follow from a trusted peak body, invested with responsibility for policy and assurance. Thus the peak body would appear to fall well within the government’s own mission statement.
1. Technically, professional bodies might establish registration authorities rather than certification authorities, and outsource the certification, but this doesn't affect the principles of the discussion.
2. "The Working Group recommends the immediate establishment of a peak body to oversee the Australian National Electronic Authentication Framework. The Working Group further recommends that the focus of the peak body should, in the first instance, be to establish a National Public Key Infrastructure under the ANEAF." [2: iv].
3. "The Working Group recommends that the policy aspects of [a] peak body be separated from the operational aspects, into an Australian Policy Approval Authority (APAA) and one, or possibly more, Root Certificate Authorities (RCAs), respectively. It is anticipated that a national RCA will be required as early as the end of 1998." [2: iv]
4. "An organisation should only collect personal information that is necessary for one or more of its legitimate functions or activities." [6; sect 1.1].
5. A recommender in a web of trust acts to introduce two parties who otherwise do not know each other. If Alice trusts Rick to recommend people, and if Rick trusts Bob, then in theory Alice too can trust Bob.
[1] "Strategies for the Implementation of a Public Key Authentication Framework (PKAF) in Australia"; Standards Australia SAA MP75 1996 (executive summary available at www.acs.org.au/president/1996/epubs/pkaf.htm).
[2] "Strategies for a Peak Body for an Australian National Electronic Authentication Framework"; NOIE National Public Key Infrastructure Working Group; April 1998 (www.noie.gov.au/reports/npki/npkiworkingpartyreport.html).
[3] "Establishment of a National Authentication Authority - A Discussion Paper"; NOIE 1998 (www.noie.gov.au/reports/authenticate.html).
[4] "Electronic Commerce: Building The Legal Framework"; Report of the Electronic Commerce Expert Group to the Attorney General; March 1998 (www.law.gov.au/aghome/advisory/eceg/ecegreport.html).
[5] News Release of the Attorney-General "Legal Framework for Electronic Commerce"; July 1998 (www.law.gov.au/aghome/agnews/1998newsag/450_98.htm).
[6] "National Principles for the Fair Handling of Personal Information"; Office of the Privacy Commissioner; February 1998 (http://www.privacy.gov.au/news/p6_4_1.html)
[7] "Public Key Infrastructure Position Statement"; Roger Clarke; May 1998 (www.anu.edu.au/people/Roger.Clarke/DV/PKIPosn.html).
[8] "Towards an Australian strategy for the information economy"; Ministerial Council for the Information Economy; July 1998 (http://www.noie.gov.au/nationalstrategy/index.html).
Stephen Wilson is one of Australia's foremost experts in digital certificates and public key infrastructure, with twelve years experience in electronic commerce, information technology and R&D. He is in charge of the KPMG Certificate Authority in Sydney and has business development responsibility for the firm's CA services throughout Asia Pacific (KPMG is the first “Big Five” services firm to enter the CA market). Stephen is a member of the Standards Australia PKAF committee, the APEC Electronic Authentication Working Group, and the Certification Forum of Australia, and was an industry observer for the commonwealth’s Project Gatekeeper.