3rd CACR Information Security Workshop

Speaker
Michael Myers, Verisign

Title
Certificate Validation: Theory vs. Practice

Abstract
Recent developments in the PKI industry have enabled transaction-based certificate validation services. Such services naturally stimulate consideration of recurring revenue models in the context of today's Internet e-commerce marketplace. Yet it's important to understand that these services are but one component of a total PKI solution. This presentation will provide an overview of the rapid history of OCSP, will introduce a number of examples and variant models of how this technology is or will be deployed, and will conclude with identification of several factors crucial to the near-term decisions processes of those considering use of this technology as a component of their overall PKI solution.

Speaker Bio
Michael Myers, B.S., is a Manager of Business Development in VeriSign's Marketing Group. He has over 15 years professional experience designing and developing security systems. Prior to joining VeriSign at the beginning of 1997, he spent ten years with Motorola's Space Systems and Technology Group, where he led Motorola's architecture of the MISSI Network Security Managers (NSM) project. This DoD project involved development of a high-assurance Certification Authority Workstation, an Audit Manager, and a corresponding Audit Agent to the emerging DoD Security Management Infrastructure. As Lead System Engineer and Technical Director, he led the engineering staff in analyses and development of requirements and system design, an incremental development plan, security features and software design. Prior to the MISSI effort, Mr. Myers was involved in the design, development and deployment of various high-assurance key management systems for the U.S. Department of Defense, including some of the first network-level security protocol solutions.

Mr. Myers has been active in several standards-development activities, within the DoD MISSI program, the IETF, and the American Bar Association's Information Security Committee. Most recently, he initiated, led and guided to closure the IETF work on the Online Certificate Status Protocol (OCSP).