SET (Secure Electronics Transactions)

• SET Facil (spanish) Easy SET (english). Home of the new concept allowing Financial Institutions to deploy easily SET to their cardholders and merchants.
• Banesto Page at TPV virtual
• Easy SET (1,5M) powepoint presentation as presented in the Europay Stockholm meeting in june, 2000.
• SET Fácil. I am very interested in SET, specially in the form has been designed by Banesto. In the  SET Fácil Project, Banesto adapt s every Escaparate Virtual Shop so can accept SET transactions for free, as long as the shop uses the Banesto virtual POS (TPV virtual). See a Diario El Mundo article reagarding this. You can get the wallet and ask for a SET certificate quite easily.
• SET Projects S.L. Home Page One of the few places where you can really see a SET transaction. SET projects has developed, as far as I know,  the only complete SET solution from the Wallet to the Payment Gateway and the Merchant Moldule. And at the same time the full SET hierarchy CAs. I worked closely with them when I was at NCR, to develop a full SET solutions for one of the biggest spanish department stores (I don´t know why they didn´t make any announcemet about that, so I´m not going to reveal who they are). Now SET Projects has become "Safelayer".
• SET Co (The standard keeper)
• SET Discuss (List regarding SET) at CommerceNet
• SET Information at VISA:
• SET Thesis
• SET News at:
• http://careers.computerworld.com/home/online9697.nsf/all/970609setlinks
  http://www.verisign.com/set/index.html
  http://www.zdnet.com/zdnn/content/pcwk/1403/pcwk0079.html
  http://www1.zdnet.com/intweek/daily/980902c.html
  http://www.maithean.com/products/setinterop.html
  http://www.terisa.com/products/swp/jset/jsetWallet.html

Cryptography

• COMMERCIAL ENCRYPTION EXPORT CONTROLS . Bureau of Export Administration (BXA) in the U.S. Department of Commerce. New Encryption Regulation - On January 14, 2000, BXA published a regulation implementing the White House's update to encryption policy announced on September 16, 1999. You can download the regulation in PDF format.
• Counterpane Computing security and cryptograpy consulting firm. You probably know its president, Bruce Schneier.
• Crypto Links - Researchers
• RonaldL. Rivest The R in RSA. Visit his page, read his information and follow his links.
• Sarah Flannery work and explanation.
• Sarah Flannery on Cayley-Purser: An Investigation of a New Algorithm vs. the RSA
• Security and Privacy related links at Cryptosoft.
• Security and Cryptography related links at Semper. Also links to Electronic Commerce sites and Cybercrime-Fraud
• SETECS and Sead Muftic.
• Security and Smartcards technology at Darmstadt
• Jean-Jacques Quisquater
• V Reunión Española Sobre Criptología Y Seguridad De La Información Spanish Crypto meeting partially sponsored by FESTE, the Foundation in which I was working at the time.
• ITU-T Recommendation X.509 TELECOMMUNICATION (11/9306/97) STANDARDIZATION SECTOR OF ITU
• Criptonomicón One of the bests crypto sites in Spain.
• MundoCripto   One of the bests crypto sites in Spain.
• Kriptópolis   One of the bests crypto sites in Spain.
• Criptología Interesting page of Jesús Cea Avión..
• AECSI Spanish Cryptology and Information Security Association
• SPISA Security Site by Manuel Mollar
• ASN.1 homepage (Philipp Hoschka, INRIA, France)  The OSI's Abstract Syntax Notation One is a must if you are woeking with crypto protocols.
• ASN.1 Tool by Francisco Jordan.
• ASN.1 links by OSS.
• EFF DES Cracker Project
• RSA Laboratories - Bleichenbacher Discovery Q&A
• Certicom List of Whitepapers
• Elliptic curves
• Taller de Criptografía - Enlaces
• Criptología
• COSIC's Home Page
• Security and Encryption Links
• International Association for Cryptologic Research
• Chromatix - LDAP & X.500
• Dec98: The Twofish Encryption Algorithm
• International Cryptography Pages
• RSA Laboratories' "CryptoBytes" technical newsletter
• The "CRYPT NEWSLETTER" Homepage
• Crypto Law Survey (Bert-Jaap Koops)
• Cryptography Export Control Archives
• Steganography Info and Archive
• Cryptographers Homepages
• European Cryptography Resources
• Commercial Encryption Export Controls (BXA)
• The Worldwide Cryptography Debate
• European expert hearing on digital signatures and encryption (Copenhagen, April 23-24 1998)
• Counterpane Internet Security, Inc. (Bruce Schneier)
• Selecting Cryptographic Key Sizes (Arjen Lenstra, Eric R.Verheul)
• Computational number theory and data security
• Handbook of Applied Cryptography (Menezes, van Oorschot, Vanstone)
• Cryptography Publishing Project
• Cryptographic Software Export Controls in the EU (thesis by Simo-Pekka Parviainen)
• Stegdetect
• NIST's Key Management Standards
• ID-PKC: IDentity-based Public Key Cryptography (CESG)

Protocols

• Object Identifiers Registry- Very helpful in BER coding
• SPKICertificate Documentation [Carl Ellison]
• Common Data Security Architecture
• SET Journal
• Sellado de Tiempo
• Welcome to Surety Technologies
• Timestamper Criptocuco
• PGP Digital Timestamping Service
• SSL Java Standard Extension to JDK 1.1
• RSA Laboratories - Public Key Cryptography Standards
• PGP Página índice
• PKITS
• Internet Mail Consortium
• PKIX Working Group
• SOCKS Proxy Protocol
• Lightweight Directory Access Protocol
• NIST PKI documents and presentations
• Virtual Private Network Consortium -- VPNC
• IPsec Standards
• Virtual Private Network Consortium -- VPNC
• Virtual Private Network Consortium -- VPNC
• IPSec Developers Forum
• IPSec Developers Forum: Technical Information

Software

• eWallet FREE online electronic wallet
• SSLeay.pm
• OpenSSL: The Open Source toolkit for SSL/TLS
• mod_ssl: HowTo
• mod_ssl: Documents, Misc
• mod_ssl: The Apache Interface to OpenSSL
• Squid Internet Object Cache
• Ghostscript, Ghostview and GSview
• MIT Jonah PKIX Freeware Distribution Home Page
• Netscape Security - Frequently Asked Questions
• DevEdge Online - Home Page
• DevEdge Online - Tools Software
• Netscape Object Signing Overview
• Netscape Object Signing: Establishing Trust for Downloaded Software
• Signing Software with Netscape Signing Tool 1.1
• Netscape Certificate Specifications
• Netscape Certificate Download Specification
• Netscape Security Documents
• Netscape Everywhere Free Unlimited Browser Distribution Program
• MSDN Online Library
• Microsoft Wallet
• Site Builder Network (SBN) Workshop Home
• Microsoft Security Advisor Program: How to Enable SGC in Internet Information Server
• Microsoft Security Advisor Program: Tips and Tools for Issuing X.509 Certificates that Work with Microsoft
• Novell DeveloperNet
• IBM security: Free PKIX Code Available
• Apache interface to SSLeay (mod_ssl), Title
• BSAFEeay, a public domain implementation of the BSAFE API
• The OpenCA Project
• OpenLDAP, Title
• Engineering Research Home Page (Elliptic Curves)
• Welcome to Panda Software's Website
• Baltimore .com site and .ie site
• iD2

Certification Authorities

• EESSI  (European Electronic Signature Standardisation Initiative)
• The Global Trust Register Where you should find the CA you are lookong for.
• AECODI Digital Trust Entities Association
• Valicert The standard in CRL verification
• FESTE Foundation for the Study of the Security in Telecommunications. The Certification Authority backed by the spanish Notaries and Trade Notaries. I worked very hard, launching it, and now it is very famous in Spain.
• CERES - Fábrica Nacional de Moneda y Timbre
• Fabrica Nacional de Moneda y Timbre (C E R E S)
• ACE
• IPS
• Camerfirma. Also you can find information in Catalan language
• Certification Authority Survey (DGXV Project)
• VeriSign The obvious.
• ICE-TEL and ICE-CAR.
• PKI Page Very extensive and useful page.The PKI page (alternate page)
• Security and Confidence in Electronic Commerce: Certification Authorities
• PKI Forum. The PKI Forum is an international, not-for-profit, multi-vendor alliance whose purpose is to accelerate the adoption and use of Public-Key Infrastructure (PKI) and PKI-based products and services. The PKI Forum advocates industry cooperation and market awareness to enable organizations to understand and exploit the value of PKI in their e-business applications.
• EuroSign- The European Certification Authority One of the first Certification Authorities in Europe, with a good name, but with a little confusing service right now.
• CA-TIC An interesting CA sponsored by the CSIC labs, the official R&D institution in Spain.
• Seguridata Privada S.A. de C.V. There is a very interesting work securing EDI an Interent communications in Mexico .
• GlobalSign - Trust On The Net
• Netlife AG
• Secure Computing Magazine - West Coast Publishing
• Microsoft's ActiveX Too Active
• PKI Law - Public Key Infrastructure
• OpenCA CryptoNews
• cryptlib Encryption Toolkit
• Public NTP Primary (stratum 1) Time Servers
• The Dawn Of A New PKI
• http--www.mobilephones-tng.com-v100-pki.html

• Inter Clear - The UK's first Certificate Authority
• National Automated Clearing House Association (NACHA) - Certificate Authority Rating and Trust (CARAT) Guidelines
• Baltimore | Global e-Security
• Welcome to Surety Technologies
• Software Industry Issues: Digital Signatures
• Certicom Corp. Cryptographic Technologies
• Autoridades de Certificación
• Página WEB de Clave Pública !!
• Página WEB de Clave Pública!!
• Cert'eM. Nodo lcc.uma.es
• Qualified Certificates

Electronic Commerce

• Directiva 2000/31/CE del Parlamento Europeo y del Consejo, de 8 de junio de 2000, relativa a determinados aspectos jurídicos de los
• 
  servicios de la sociedad de la información, en particular el comercio electrónico en el mercado interior (Directiva sobre el comercio electrónico)
   
• European Electronic Messaging Association (EEMA)
• Electronic Commerce and the European Union A good repository of EC information, specially regarding legal issues
• Welcome to The Open Group
• The Open Group Conference: Copenhagen, April 1999
• PayingBy Credit Card - Real World and Online A very interesting article about payment systems written by Keith Lamond and edited by Deborah Whitman
• Electronic Commerce Interesy Group at the W3 Consortium
• First Tuesday Madrid en e-groups
• Global Electronic Commerce
• Marketing y Comercio Electrónico
• BAQUIA
• Ley de Comercio Electrónico (Draft text of the Law in Expansión newspaper)
• Marketing y Comercio Electrónico
• Comunidades - Marketing y comercio electrónico
• CyberKyosco - Marketing Internet
• Ecuality.Com
• ECML.org Specifications
• Information Market Europe Home page
• Japan
• Internet Council (NACHA)
• SET Secure Electronic Transaction LLC
• Software Compliance Testing Vendor Status Matrix
• SET Projects S.L. Home Page
• SET Buyer's Guide
• SET Buyer's Guide
• http--www.ojd.es-f_cont_www.html
• Nua Strategic Internet consultancy for web development, web publishing solutions and Internet trends
• 1ª Encuesta sobre Marketing Internet y E-Comm
• Meridien Research - Providing Detailed IT Research for Financial Services
•  
• Memorandum of Understanding in Electronic Commerce
• BROKAT Infosystems AG
• INTERSHOP Communications Inc.
• Welcome to Mercantec - Web Sales Today
• MerchandiZer www.merchandizer.com e commerce shopping cart software
• Microsoft Site Server 3.0 Standard
• Site Server 3.0 Commerce
• Electronic Commerce
• Who is who in Electronic Commerce
• Electronic Commerce
• Electronic Commerce - Security Aspects
• Electronic Commerce - Legal Aspects
• "Expert candidature" - Call for applications
• AEA-AsociacionEspañola de Anunciantes- Home Page
• Maxim Reclam

Legal Issues

• Spanish Electronic Signature Law REAL DECRETO-LEY 14/1999, de 17 de septiembre, sobre firma electrónica. Validated by the Congress on October 21st
• Se aprueba la ley de firma electrónica (news in Estrella Digital, 22.10.99)
• Ley de Comercio Electrónico (Draft text of the Law in Expansión newspaper)
• Common Position (COM/99/0195 final of 29 April 1999) as amended proposal for a European Parliament and Council Directive on a common framework for electronic signatures in Spanish (PDF) and English (PDF)  validated by the European Parliament on October 27th
• Commission (DG15) welcomes new legal framework to guarantee security of electronic signatures (30 November 1999)
• Controller of Certification Authorities Singapore is probably the most advanced country in the world, regarding Certification Authorities regulation
• Ley30/1994, de fundaciones Foundations legislation in Spain.
• CENTRO ESPAÑOL DE FUNDACIONES
• Agencia Tributaria
• Xavier Ribas (Contract Soft)
• On Net
• Xavier Ribas - Tabla de casos judiciales originados por el efecto 2000
• Xavier Ribas - Firma digital
• Xavier Ribas - Dominios en Internet
• Contract-Soft - Comercio Electrónico
• Xavier Ribas - Ley General de Telecomunicaciones
• European Internet Forum Policy Papers
• DGXV - GD XV
• CORDIS BBS : Home Page
• DIGITAL SIGNATURE : Inventory of international regulatory, standardisation and commercial activities
• Colegio de Registradores de la Propiedad y Mercantiles
• EUROPARL: Web server of the European Parliament
• Centre For European Policy Studies (CEPS)
• ECLIP Homepage (ECLIP - Electronic Commerce Legal Issues Platform)
• ECLIP - Homepage en español
• Aquí Europa
• Página Principal del MAP
• Bienvenido a  B O E N E T
• Derecho Org - El Portal Jurídico en Internet
• Base Legislativa - Derecho Org España
• Bienvenido a La Ley - Actualidad
• Diario LA LEY
• e l   W e b   J u r í d i c o
• Net Lex
• InterLex - prima pagina del 4 maggio 1999
• Ley Orgánica 10/1995, del Código Penal
• Menu proyecto de ley de enjuiciamiento civil
• Página principal del Ministerio de Justicia
• EUROPEAN UNION - Selected instruments taken from Treaties
• INFOSEC: ETS
• Liste des propositions d’actes communautairesrestant en discussion
• Assemblée nationale - France
• EUR-Lex: European Union law
• Ottawa Ministerial
• ECLIP - Electronic Commerce Legal Issues Platform
• Christopher Kuner, Attorney-at-Law
• McBride Baker & Coles Summary of Electronic Commerce and Digital Signature Legislation
• Bundesamt fuer Sicherheit in der Informationstechnik
• DRAFT OF DECREE BY THE PRESIDENT
• SEGNALAZIONI STAMPA
• Christopher Kuner, Attorney-at-Law
• Comisión Nacional de Valores - Argentina
• Infraestructura de Firma Digital para el Sector Público Nacional
• Firma Digital
• Otras Referencias de Interés
• Digital Signature
• Nombres de Dominio, desde el Derecho. Javier A. Maestre
• Dominiuris, el Portal jurídico de los nombres de dominio en Internet
• Derecho,Informatica y TIC
• Digital Signature Legislation
• Notary Public Home Page
• COLEGIO DE NOTARIOS DEL DISTRITO FEDERAL
• Colegio de Escribanos de la Capital Federal
• THE CYBERNOTARY
• ABA CyberNotary Committee
• APEC: E-com Legal Guide to Indonesia
• GEORGIA DIGITAL SIGNATURE
• Texas DIR IR Rule for Digital Signatures and Certificate Authorities
• California Secretary of State - Digital Signatures
• California Secretary of State - Digital Signatures - Final Draft of Regulations
• Ernst & Young LLP - Assurance and Advisory Business Services - Information Systems Assurance and Advisory Services - Services
• MEMBER ALERT
• RULE TITLE: Licensure of Certification Authorities
• Florida Department of State
• AICPA
• LEGAL ASPECTS OF SECURE ELECTRONIC COMMERCE : WORKSHOP C
• Crypto Law Survey
• Crypto Law Survey - Page 2
• LEGGIO Openning

Smart Cards

• PC/SC Workgroup
• Smart Card News - The Daily News Source for Smart Cards
• Card Services International (CSI) : Newsletter : September 1998
• Europay International | SmartCard development

Hackers

• Hacker Crackdown - Contents
• Hacking; revistas de H/P/C/V
• Ericsson gh688 page - secrets and codes...
• http://mp3soft.da.ru - English version. FREE Download of CD-Rippers, Encoders, Players and music!
• #1 Crack Site
• - J.J.F. / Hackers Team - Deteccion de Intrusos 1.0
• H a c k e r N e w s N e t w o r k
• Milw0rm - Indian Nuclear Tests - milworm - Computer Security - Hacking and Hackers - AntiOnline
• ASTALAVISTA.BOX.SK

Internet Technology Related

• VDOnet- Real-Time Video & Audio over the Internet  Video conferencing software
• Network Management Concepts - ISO Network Management Concepts - Internet Network Management Concepts
• Computer Associates A very big company with al kind of software: databases, network management, antivirus,...
• Submit it Where do you go when you have a page to submit to search engines?
• Astruc, guia para principiantes, te ayuda a navegar sin perder el rumbo
• Mamma: Mother of All Search Engines
• ICQ Inc. - Download ICQ
• El servidor de Rodolfo Lomascolo y Monica Pujado
• [Plataforma -la_huelga-]
• Página Principal. MBR&INTERNET. Información, servicios y recursos gratis para Ud.
• Welcome to the InterNIC
• SecureYourDomain
• MetaCrawler When you need more than one search engine. Try This!
• XOOM.com
• Mind-it - Add Pages
• FERCA Network - oferta especial 20 mb
• !!! Opera The FASTEST Web Browser around !!! -
• Opera Software - Register Opera, because quality has its price!
• El InterCambio - ¡Anuncios Gatis!
• Patagon.com - Nuestro Archivo

 

Standards

• WSSN - World Standards Services Network
• ISO homepage, English, with graphics
• ISOReference Number Search
• Internet Drafts
• imc-pfl mailing list
• IETF Home Page
• Public-Key Infrastructure (X.509) (pkix) Charter
• IEEE P1363: Standard Specifications For Public Key Cryptography
• OII - Information Security Standards
• OII Standards and Specifications List
• OII - Payment Support Mechanisms

Organizations

• The Institute of Electrical and Electronic Engineers, Inc.
• Congreso de los Diputados Spanish Congress
• European Electronic Signature Standardisation Initiative

Linux

• ZDNet Linux
• Linux Distributions
• Proyecto LuCAS: Pagina Principal
• HispaLiNUX: Asociación de Usuarios Españoles de LiNUX

Books and Bookstores

• Bookon Hand ** Recommended** It is my wife bookshop. She is delivering a good service, just in case you need spanish books.
• GuíaPublired de Servidores WWW Españoles: Libros
• Chadwyck-Healey
• Catalogs (Library of Congress)
• International Federation of Library Associations
• Librerias - BookStores -
• MEC. Secretaría de Estado de Cultura
• RECURSOS DE INTERES BIBLIOTECARIO
• Britannica
• Britannica shopping
• La Libreria

---

Other PKI related stuff

Section Index:

• Extensive list of Certification Authorities
  • PGP Certification Authorities
  • CAs accredited by the German Digital Signature Act ("Signaturgesetz")
  • CAs accredited by the Italian Digital Signature Act
  • CAs licensed by the Utah Digital Signature Act
  • CAs licensed by Washington State's Electronic Authentication Act
  • CAs licensed by Oregon's Electronic Signature Act
  • CAs licensed by the North Carolina Electronic Commerce Act
  • CAs licensed by California's Digital Signature Regulations
  • CAs licensed by Nebraska's Digital Signatures Act
  • PKI Service Providers approved by the Texas Digital Signature Rule
  • Information related to the European Directive for Electronic Signatures
  • CAs licensed under the Gvmt of India IT Act 2000
  • CAs licensed under the Polish Digital Signature Law
  • TTPs registered under the Dutch Wet Elektronische Handtekeningen

   

• Other sites with useful information
  • Cryptography
  • Digital Signatures
  • PGP / OpenPGP / GPG
  • General World Wide Web Security
  • Secure Socket Layer (SSL) / Transport Layer Security (TLS)
  • MIME Security
  • DNSSEC resources
  • Secure Electronic Transactions (SET)
  • Implementations / (open source) Toolkits / Products / Vendors
  • Literature / Articles / Publications / RFCs
  • Miscellaneous PKI and Security stuff

Extensive list of Certification Authorities:

• DFN - PCA (The PCA for the German Research Network)
• The UNINETT PCA in Norway and its policy.
• IPRA: Internet PCA Registration Authority (MIT)
• CREN (US Corporation for Research and Educational Networking) CA
• VeriSign, Inc. and its Certificate Practice Statement (CPS)
• SET Demo Certificate Selection from VeriSign, Inc.
• Sun Certificate Authorities
• TradeAuthority
• Thawte Certification Division
• Initiative for Computer Authentication Technology (ICAT) (Alternative site)
• Free certificates by Entrust Technologies
• Spyrus Certification Authorities (Australia)
• Net.Registry (IBM)
• BiNARY SuRGEONS: Certification Services
• SoftForum CA
• EuroTrust: EU Research contract for TTP/CA infrastructure
• Government of Canada Public Key Infrastructure
• AD AEQUITATEM (Univ. of Zaragoza, Spain)
• SISCER (Spain)
• Internet Publishing Services (IPS) (note: Spanish language!)
• SIA CA (note: Italian language!)
• CertCo
• IKS Certification Authority
• CompuSource
• CARYNET Security
• KeyPOST (Australia Post)
• BankGate
• Columbia CA
• Entropia Internet CA
• KAIST network CA (note: Korean language!)
• PVT CA (note: Czech language!)
• South African Certification Agency
• Telecom Italia Net CA (note: Italian language!)
• World Wide Wedlin CA
• Swisskey (discontinued)
• Australian Government Public Key Authority
• NLsign (note: Dutch language!)
• SSB - SpA CA (note: Italian language!)
• Agencia de Certificación Electrónica
• Laboratorio de Criptología (note: Spanish language!)
• Interneto Projektai (note: Lithuanian language!)
• University of Torino (note: Italian language!)
• The USERTRUST Network
• GlobalSign
• Netrust
• Baycorp ID Services Ltd
• Certplus
• Controller of Certification Authorities (Gov. of Singapore)
• CrossCert (Korean Electronic Certification Authority)
• Equifax Secure
• Security Domain Pty Limited
• Certificates Australia Pty Limited
• a-sign (note: German language!)
• FP5 Certification Service (Fifth Framework Programme of the European Community)
• WIS@key
• Tele Danmark certificeringscenter (note: Danish language!)
• AlphaTrust
• ACES - Access Certificates for Electronic Services (US General Services Administration)
• WildID LLC
• TI-TC Trustcenter of the Institute for Telematics (note: German language!)
• EuroPKI
• SURFnet PCA (note: Dutch language!)
• Väestörekisterikeskus: The Finnish Population Register Centre's CA (note: mostly Finnish language!)
• FESTE (note: Spanish language!)
• Powszechne Centrum Certyfikacji
• Viacode (note: will cease operation!)
• Acepta.com (Autoridad Certificadora) (note: Spanish language!)
• E-certify Corporation
• ACES: Access Certificates for Electronic Services
• ORC's DoD IECA: Interim External Certification Authority
• freecerts.com: free WAP test certificates
• beTRUSTed
• TC TrustCenter
• The Bridge-CA
• eSign Australia
• Certall Finland Oy
• DoD PKI (DoD PKI External CAs)
• a-trust (note: German language!)
• Health eSignature Authority Pty Ltd
• ID.Safe
• IG tOP: Trägerschaft öffentliche PKI Schweiz (note: German language!)
• QuoVadis Limited: Bermuda Digital CA
• Certipor: Sociedade Portuguesa de Certificados Digitais, S.A.
• Acertia (note: Spanish language!)
• ICP-Brasil (note: Portuguese language!)
• Identrus
• E-Commerce PKI CA
• Certeca (Offshore CA)
• Digital Signature Trust Company
• BCA: US DoD Bridge Certification Authority Technology Demonstration
• DecidirCA
• MEDePass, Inc.
• euSign S.A.
• TrustCenter berlin.de (note: German language!)
• Ezitrust
• Keystorm
• Geotrust
• SignGATE (Korea Information CA, Inc.)
• SignKorea (note: Korean language!)
• YESSIGN (note: Korean language!)
• Korea Certification Authority Central
• NCASign (note: Korean language!)
• The Federal Bridge-CA (NIST)
• Belgacom E-Trust
• SafeWeb (note: Portuguese language!)
• PKI - Infraestructura de Firma Digital para el Sector Publico - Argentina (note: Spanish language!)
• OpenCerts
• SwUPKI: PKI for Universities and University Colleges in Sweden
• SIGEN-CA (Slovenia)
• SIGOV-CA (Slovenia)
• Gatekeeper (Australia)
• WISeCert
• Portas
• Cacert
• SwisSsign
• SSLpartner
• Scandtrust
• InstantSSL (Comodo Group)
• DigiCert, Inc.
• EuropePKI
• DTCA: D.Trust Certifikacna Autorita (note: Slovakian language!)
• Centrum Certyfikacji Signet (note: Polish language!)
• PKI der FhG (note: German language!)
• Sonera CA (note: Finnish language!)
• Certificado Digital S.A. (note: Spanish language!)
• Post.Trust
• steria (note: Swedish language!)

PGP Certification Authorities:

 

• DFN - PCA (The PCA for the German Research Network)
• IN-CA: Individual Network e.V. (note: German language!)
• c't - Krypto-Kampagne (note: German language!)
• TC TrustCenter (note: German language!)
• IKS Certification Authority
• AD Certification Service (note: German language!)
• GeFökoM CA (note: German language!)
• SURFnet PCA (note: Dutch language!)
• Powszechne Centrum Certyfikacji

CAs accredited by the German Digital Signature Law ("Signaturgesetz")

• The Root CA: Regulierungsbehörde (note: German language!)

   

  • Deutsche Telekom / TeleSec (note: German language!)
  • Signtrust / Deutsche Post eBusiness
  • Bundesnotarkammer (note: German language!)
  • DATEV eG (note: German language!)
  • Medizon AG (note: gone out of business!)
  • Steuerberaterkammer Nürnberg (see here also - note: German language!)
  • Steuerberaterkammer Saarland (see here also - note: German language!)
  • Hanseatische Steuerberaterkammer Bremen (see here also - note: German language!)
  • Steuerberaterkammer München (see here also - note: German language!)
  • Steuerberaterkammer Berlin (see here also - note: German language!)
  • Steuerberaterkammer Stuttgart (see here also - note: German language!)
  • Rechtsanwaltskammer Koblenz (see here also - note: German language!)
  • Rechtsanwaltskammer Bamberg (see here also - note: German language!)
  • AuthentiDate
  • TC Trustcenter
  • D-Trust
  • Hanseatische Rechtsanwaltskammer Hamburg (see here also - note: German language!)
  • Steuerberaterkammer Niedersachsen (see here also - note: German language!)
  • Wirtschaftsprüferkammer (see here also - note: German language!)
  • Rechtsanwaltskammer München (see here also - note: German language!)
  • Rechtsanwaltskammer Berlin (see here also - note: German language!)
  • Steuerberaterkammer Brandenburg (see here also - note: German language!)

   

• More Information on the German Digital Signature Act (note: German language!)
• T7 - ISIS (Industrial Signature Interoperability Specification, note: obsolete - this is now ISIS-MTT)
  • ISIS-MTT Testbed
• Rahmenwerk für die einheitliche Spezifizierung der Einsatzbedingungen für Signaturanwendungskomponenten (note: German language!)

CAs accredited by the Italian Digital Signature Law

• Elenco pubblico dei certificatori attivi (note: Italian language!)

   

  • Societa Interbancaria per l'Automazione - Cedborsa S.p.A. (SIA S.p.A.) (note: Italian language!)
  • SOCIETA' per i SERVIZI BANCARI - SSB S.p.A. (note: Italian language!)
  • BNL Multiservizi S.p.A. (note: Italian language!)
  • Infocamere SC.p.A. (note: Italian language!)
  • Finital - Finanziaria Italiana S.p.A. (note: Italian language!)
  • Saritel S.p.A. (note: Italian language!)
  • Postecom S.p.A. (note: Italian language!)
  • Societa per Azioni Servizi Centralizzati - Seceti S.p.A. (note: Italian language!)
  • Centro Tecnico per la RUPA (note: Italian language!)
  • In.Te.S.A. S.p.A. (note: Italian language!)
  • ENEL.IT S.p.A. (note: Italian language!)
  • Trust Italia S.p.A. (note: Italian language!)
  • Cedacrinord S.p.A. (note: Italian language!)
  • ACTALIS S.p.A. (note: Italian language!)

CAs licensed by the Utah Digital Signature Act

• Digital Signature Trust Company
• Arcanvs, Inc.
• Universal Secured Enryption Repository Company
• VeriSign, Inc.

CAs licensed by Washington State's Electronic Authentication Act

• ID Certify, Inc.
• VeriSign, Inc.
• Arcanvs, Inc.
• Digital Signature Trust Company

CAs licensed by Oregon's Electronic Signature Act

• Arcanvs, Inc.
• VeriSign, Inc.
• Digital Signature Trust Company

CAs licensed by the North Carolina Electronic Commerce Act

• Arcanvs, Inc.
• VeriSign, Inc.
• Digital Signature Trust Company

CAs licensed by California's Digital Signature Regulations

• VeriSign, Inc.
• Digital Signature Trust Company
• ID Certify, Inc.
• Entrust Technologies, Inc.

CAs licensed by Nebraska's Digital Signatures Act

• VeriSign, Inc.
• Digital Signature Trust Company
• ID Certify, Inc.

PKI Service Providers approved by the Texas Digital Signature Rule

• VeriSign, Inc.
• Digital Signature Trust Company
• Baltimore Technologies plc.

Information and documents related to the European Directive for Electronic Signatures

• The European Commission: Information Society Website
• EESSI: The European Electronic Signature Standardization Initiative
• ETSI: European Telecommunications Standards Institute
• CEN/ISSS E-Sign: European Committee for Standardization (another site)
• European Commission: Information Society Directorate-General

   

• The Electronic Signatures Regulations 2002 (UK)
• Supervisory Authority for Electronic Signatures (Austria)
• Status of notification of legal acts implementing the electronic signatures directive
• FESA: Forum of European Supervisory Authorities for Electronic Signatures
• Study report: The legal and market aspects of electronic signatures (PDF version, accompanying website, accompanying website)
• VITAS: Voluntary Trust-service Approval Schemes common interest group
• Prestataire de service de certification (Luxembourg)
• Position paper on the e-signatures review by the American chamber of commerce

CAs licensed under the Gvmt of India IT Act 2000

• Controller of CAs
• IDRBT CA
• TCS Certifying Authority (CA) Services
• National Informatics Center CA
• SafeScrypt

CAs licensed under the Polish Digital Signature Law

• Unizeto CERTUM CA
• Sigillum Polskie Centrum Certyfikacji Elektronicznej (note: Polish language!)
• Centrum Certyfikacji Signet (note: Polish language!)
• KIR S.A. (note: Polish language!)

TTPs registered under the Dutch Wet Elektronische Handtekeningen

• Unieke Zorgverlener Identificatie Register (note: Dutch language!)
• PinkRoccade CSP (note: Dutch language!)
• DigiNotar B.V. (note: Dutch language!)

Digital Signatures:

• US State Digital Signature Laws
• Digital Signature Law Survey
• EFGA: Digital Signature Section
• Summary of international legislation
• Tutorial on Digital Signatures
• Digital Signature Links
• Internet Law & Policy Forum (ILPF): Digital Signature Working Group
• Digital Signature Guidelines
• ICC: General Usage for International Digitally Ensured Commerce
• European Commission Legal Advisory Board: Digital Signatures and Encryption
• W3: Digital Signature Initiative
• UNITED NATIONS (UNCITRAL): Draft Uniform Rules On Electronic Signatures
• Baker & McKenzie: E-Signatures and D-Signatures
• S.761: Electronic Signatures in Global and National Commerce Act (US federal)
• Bill 88: Electronic Commerce Act, 2000 (Canada)
• Projekt ArchiSig
• Fst Ricerca (note: Italian language!)
• Leitfaden Elektronische Signatur (note: German language!)

PGP / OpenPGP / GPG:

• The international PGP Home Page
• The domain pgp.net
• PGP Keyserver
• PGP Web of Trust Statistics
• RFC 1991: "PGP Message Exchange Formats"
• RFC 2015: "MIME Security with Pretty Good Privacy (PGP)"
• PGP Corporation
• PGP Attack FAQ
• PGP International
• Robert (Guerra)'s PGP Links
• RFC 2440: "OpenPGP Message Format"
• PGP DH vs. RSA FAQ
• GnuPG - the GNU Privacy Guard
• Key experiments: How PGP Deals With Manipulated Keys
• Experimental PGP key path finder
• PGPdump Interface
• The DSA Flaw in OpenPGP
• PGP Keyring Analysis
• GPGrelay
• Crypt::OpenPGP
• A security analysis of PGP
• CKS: CryptNET Key Server
• RFC 3156: "MIME Security with OpenPGP"
• Public Key Servers
• Tom McCune's page for PGP
• NAI Letter sent to PGP Customers on Feb, 26th (R.I.P. PGP)
• OpenPKSD
• SKS: the synchronizing keyserver
• OpenCDK
• PKS: OpenPGP Key Server
• onak: OpenPGP Key Server

General World Wide Web Security:

• The World Wide Web Security FAQ
• Java Security FAQ
• Terisa Systems
• IBM's Surf'N'Sign: Signing Documents on the Web
• Tha Java Security Hotlist
• WWW Security Pointers
• Java Security Resources
• Java Filter
• Java Security: Chronology of security-related bugs (Sun)

Secure Socket Layer (SSL) / Transport Layer Security (TLS):

• SSL Protocol Version 2.0 (Draft)
• SSL Protocol Version 3.0 (Draft)
• Netscape Certificate Specifications
• SSLeay and SSLapps FAQ
• SSL-Talk FAQ
• SSLeay Certificate Cookbook (F. J. Hirsch)
• SSLeay 0.6.6 documentation including libcrypto docs
• Introducing SSL and Certificates using SSLeay (F. J. Hirsch)
• Setting up your own certification environment using SSLeay 0.8.1 and MSIE 4.0 (Samuel Liddicott)
• Set up your own CA using free software (Marint Ouwehand)
• Mozilla Crypto Group
• OpenSSL PKCS#12 Program FAQ (Stephen Henson)
• Enabling Network Security with SSLeay
• Test the strength of your browser's crypto
• OpenSSL: The Open Source toolkit for SSL/TLS
• Introduction to SSL
• RFC 2246: "The TLS Protocol Version 1.0"
• BSAFE patches for SSLeay
• PureTLS - free Java-only implementation of SSLv3 and TLSv1
• More SSL related applications from the OpenSSL web site
• pilotSSLeay: port of SSLeay-0.8.1 to the Pilot
• ssldump: SSLv3/TLS network protocol analyzer
• OpenSSL for Win32
• A design weakness of SSL/TLS (H. Krawczyk)
• GNU TLS library
• OpenSSL Examples
• OpenSSL based PKI
• SSLbar
• Which SSL: SSL Certificate Buyers Guide (Comodo Group)

MIME Security:

• Information on S/MIME (IMC)
• S/MIME Freeware Library (SFL)
• S/MIME Mail Security (IETF)
• S/MIME and OpenPGP
• S/MIME tool
• NIST S/MIME Activities
• S/MIME Interop Matrix
• PM-S/MIME: S/MIME Plugin for Pegasus Mail

DNSSEC resources:

• DNS Security (DNSSEC) in CAIRN
• NLnet Labs DNSSEC resources
• IETF: DNS Extensions (dnsext) System Security
• NIC-SE: Reports on DNSSEC
• Report from the Workshop on DNSSEC, Sweden
• DNSsec Internet Drafts
• DNSSEC Related Links
• DNSSEC Paper
• DNSSEC - Software Integration
• Report on IIS DNSSEC Workshop
• SIGZ.net: DNSSEC signed test zone
• Thesis on DNSSEC (M. Gebien)
• Applied Research DNSSEC Pilot
• DNSSEC.net

Implementations / (open source) Toolkits / Products / Vendors:

• SECUDE
• NCSA httpd - Using PGP/PEM encryption
• RSA Euro - Cryptography for the World
• SESAME: Cryptographic applications (secure site)
• Information about TIS/MOSS (TIS)
• SSR: Secure Socket Relay
• Frontier Technolgies: e-Lock (alternative site)
• Baltimore Technologies: UniCERT Certification Authority System
• cryptlib: freely available Encryption Toolkit (Peter Gutmann)
• Apache-SSL: Secure Webserver (Ben Laurie)
• SSLeay
• mod_ssl: Apache interface to SSLeay
• Java Security Toolkit (TU Graz)
• Tools from Diversinet Corp.
• Jonah PKIX: a freeware PKIX (see below) reference implementation (IBM)
• Jonah PKIX: same as above but internationally available! (note: site seems to be dead!)
• J/CA Certification Toolkit (Phaos Corp.)
• Entrust Technologies
• Oscar - DSTC's Public Key Infrastructure Project
• Entegrity Solutions Corp
• Structured Arts Computing Corp
• The OpenCA Project
• SHYM Technology
• pyCA - Software for running a certificate authority
• JCSI - DSTC's Java Crypto and Security Implementation
• Nexus
• Radicchio
• Sendmail-TLS
• Alphaworks/IBM: KeyMan PKI client side management tool
• R&L GmbH: safeX
• M2Crypto Cryptography, SSL and S/MIMEv2 for Python
• NSS + PSM Open Source PKI projects on Mozilla
• Safelayer Secure Communications S. A.
• Conclusive Logic, Inc.
• SSH Certificate Toolkit
• Kyberpass Corporation
• PHAOS Technology
• Celo Communications
• KeyTrust Certificate Explorer (note: German language!)
• Capslock
• Valimo Wireless Oy
• Cylink
• Awanim
• CrypTool
• IDX-PKI
• Biodata Systems GmbH
• Certicom Corp.
• ValiCert
• .pkicomplete
• Java Certification Path API
• trustsuite.de (note: German language!)
• timeproof
• e-Security, Inc.
• Hush Communications
• PKI Group Test (The NSS Group)
• db-order (note: German language!)
• upki
• CertPath APIs (as part of J2SE 1.4)
• BERViewer
• Project Ägypten: Free Software SPHINX Clients
• EJBCA: J2EE Certificate Authority
• AET Europe BV (Advanced Encryption Technology)
• Utimaco Safeware
• HYPERTRUST
• FlexiProvider
• ArticSoft
• SECUonline AG
• Baltimore Keytools
• gpkcs11
• ValiCert ASN.1 Parser
• CryptoEx
• Tekki
• pki.ssh.com
• C&A
• nCipher
• KSIGN Co. Ltd. (Korea)
• Dreamsecurity Co. Ltd. (Korea)
• INITECH Co. Ltd. (Korea)
• OnePKI
• GUIdumpASN
• Tellus Technologies
• CPKtec
• BCQRE (note: Korean language!)
• Glück & Kanja Technology AG
• CSP: Certificate Service Provider
• e-CryptIt Engine 7.0
• SimpleCA (another site
• Evidian
• NewPKI
• Chrysalis-ITS
• Fortrus WebPKI
• Guardeonic
• Evincible
• Libgcrypt
• Ascertia Corp.
• Globus Simple CA Package
• Rainbow CryptoSwift
• AEP SureWare Keyper
• CML: Certificate Management Library
• Oasis Digital Signature Services
• Teraview
• DigiStamp
• Signature Perfect KG
• XCA (XCA at soureforge
• Tarmin Solutions Ltd.
• M2Crypto
• IT Solution GmbH Software for qualified signatures according to German and Austrian Signature Law (Note: German language!)
• PCP: Pure Crypto Project (R. Senderek)
• CoreStreet, Ltd.
• Pi3Web Certification Authority
• eTrust PKI (Computer Associates)
• eTrust OSCPro (Computer Associates)
• Valimo Wireless Ltd.
• Netscape Certificate Server
• Raak Technologies
• Safeway
• Diginus Ltd.
• yaSSL
• cv cryptovision gmbh
• PKI SOFTWARE HOUSE: proCertum products
• mozcert: Mozilla/Firefox enhancement
• Clarios Corp.
• Eracom Technologies
• SecureBlackbox (Eldos Corp.)
• XiCrypt Technologies
• roCA: read-only CA
• Zertificon Solutions GmbH
• AgileCO eTRUST
• Direct2GOV

Literature / Articles / Publications / RFCs:

• X.509 specification (including latest drafts on X.509v4)
• A Survey of Public Key Infrastructures (Marc Branchaud)
• PKI-related activities at NIST (also from the DFN-PCA FTP-Server)
• Secure E-mail (Presentation given by Harald T. Alvestrand)
• Several documents focusing on Electronic Cash from the DFN-PCA FTP-Server
• Sirene Publications
• Certified Electronic Mail (CEM)
• W3: Electronic Payment Schemes (Phillip Hallam-Baker)
• Security and Encryption Links (Peter Gutmann)
• Excellent X.509 Style Guide (Peter Gutmann)
• PEM implementations and documents from the DFN-PCA FTP-Server
• Center for Standards (DISA): PKI Standardization Home Page
• Publications on Java Security et al. (SIP)
• Rethinking PKI and digital certificates --- building in privacy (Thesis of Stefan Brands)
• Compliance Defects in Public-Key Cryptography (D. Davis)
• Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure (B. Schneier, C. Ellison)
  • ...and a response to 10 Risks of PKI (A. Perez)
  • ...and another response to 10 Risks of PKI (B. Laurie)
• The OpenSource PKI book
• The Public-Key Cryptography Standards (PKCS)
• Conventional PKI: An Artefact Ill-Fitted to the Needs of the Information Society (Roger Clark)
• Excerpts from "The Design and Verification of a Cryptographic Security Architecture" (PhD thesis, Peter Gutmann)
• PKI Publications from ETH, Zürich
• Public Key Cryptography based on Braid Groups
• The Ten Minute CEO Briefing on PKI... (note: site seems to be dead!)
• The Shocking Truth About Digital Signatures and Internet Commerce (J. Winn)
• PKI Policy Pitfalls (M. Bobbitt)
• List of CA's
• An introduction to PKI (and more PKI white papers)
• White Papers on PKI
• Digital Certificates (Roedy Green)
• Collection of PKI related RFCs and internet drafts
• Implementation Problems on PKI
• PKI Policy in the Business Environment (J. Sabo, Y. Dzambasow)
• Vergleichbarkeit von PKI-Policies mittels XML (note: German language!)
• Non-Repudiation in the Digital Environment (A. McCullagh, W. Caelli)
• The Liability Regime for Certification Authorities Towards Third Parties Outwith the EC Directive in England and Germany Compared (S. Hindelang)
• Solar Trust Model (M. Clifford)
• Networking in The Solar Trust Model: Determining Optimal Trust Paths in a Decentralized Trust Network (M. Clifford)
• A vulnerability assessment of roaming soft certificate PKI solutions (S. Wilson)
• PKI Certificate Revocation (Master thesis, A. Arnes)
• Misc PKI publications (Stephen Wilson)

  RFCs and internet drafts:

• The IETF Security Area and related IETF working groups

   

  • PKIX: Public Key Infrastructure (X.509)
    • RFC 2459: "Certificate and CRL Profile"
    • RFC 2510: "Certificate Management Protocols"
    • RFC 2511: "Certificate Request Message Format"
    • RFC 2527: "Certificate Policy and Certification Practices Framework"
    • RFC 2528: "Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509 Public Key Infrastructure Certificates"
    • RFC 2559: "Operational Protocols - LDAPv2"
    • RFC 2560: "Online Certificate Status Protocol - OCSP"
    • RFC 2585: "Operational Protocols - FTP and HTTP"
    • RFC 2587: "LDAPv2 Schema"
    • RFC 2797: "Certificate Management Messages over CMS"
    • RFC 2875: "Diffie-Hellman Proof-of-Possession Algorithms"
    • RFC 3029: "Data Validation and Certification Server Protocols"
    • RFC 3039: "Qualified Certificates Profile"
    • RFC 3161: "Time-Stamp Protocol (TSP)"
    • RFC 3279: "Algorithms and Identifiers for the PKIX Certificate and Certificate Revocation List (CRL) Profile"
    • RFC 3280: "Certificate and CRL Profile"
    • RFC 3281: "An Internet Attribute Certificate Profile for Authorization"
    • RFC 3379: "Delegated Path Validation and Delegated Path Discovery Protocol Requirements"
    • RFC 3628: "Policy Requirements for Time-Stamping Authorities (TSAs)"
    • RFC 3647: "Certificate Policy and Certification Practices Framework"
    • RFC 3709: "Logotypes in X.509 Certificates"
    • RFC 3739: "Qualified Certificates Profile"
    • RFC 3770: "Certificate Extensions and Attributes Supporting Authentication in Point-to-Point Protocol (PPP) and Wireless Local Area Networks (WLAN)"
    • RFC 3779: "X.509 Extensions for IP Addresses and AS Identifiers"
    • RFC 3820: "Proxy Certificate Profile"
    • RFC 3874: "A 224-bit One-way Hash Function: SHA-224"
    • RFC 4043: "Permanent Identifier"
    • RFC 4055: "Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile"

     

  • S/MIME: S/MIME Mail Security
    • RFC 2311: "S/MIME Version 2 Message Specification"
    • RFC 2312: "S/MIME Version 2 Certificate Handling"
    • RFC 2630: "Cryptographic Message Syntax"
    • RFC 2631: "Diffie-Hellman Key Agreement Method"
    • RFC 2632: "S/MIME Version 3 Certificate Handling"
    • RFC 2633: "S/MIME Version 3 Message Specification"
    • RFC 2634: "Enhanced Security Services for S/MIME"
    • RFC 2785: "Methods for Avoiding the 'Small-Subgroup' Attacks on the Diffie-Hellman Key Agreement Method for S/MIME"
    • RFC 2876: "Use of the KEA and SKIPJACK Algorithms in CMS"
    • RFC 2984: "Use of the CAST-128 Encryption Algorithm in CMS"
    • RFC 3058: "Use of the IDEA Encryption Algorithm in CMS"
    • RFC 3125: "Electronic Signature Policies"
    • RFC 3126: "Electronic Signature Formats for long term electronic signatures"
    • RFC 3183: "Domain Security Services using S/MIME"
    • RFC 3185: "Reuse of CMS Content Encryption Keys"
    • RFC 3211: "Password-based Encryption for CMS"
    • RFC 3217: "Triple-DES and RC2 Key Wrapping "
    • RFC 3218: "Preventing the Million Message Attack on Cryptographic Message Syntax"
    • RFC 3274: "Compressed Data Content Type for CMS"
    • RFC 3278: "Use of Elliptic Curve Cryptography (ECC) Algorithms in CMS"
    • RFC 3369: "Cryptographic Message (CMS)Syntax"
    • RFC 3370: "Cryptographic Message Syntax (CMS) Algorithms"
    • RFC 3394: "Advanced Encryption Standard (AES) Key Wrap Algorithm"
    • RFC 3537: "Wrapping a Hashed Message Authentication Code (HMAC) key ..."
    • RFC 3560: "Use of the RSAES-OAEP Key Transport Algorithm in CMS"
    • RFC 3565: "Use of the Advanced Encryption Standard (AES) Encryption Algorithm in CMS"
    • RFC 3657: "Use of the Camellia Encryption Algorithm in Cryptographic Message Syntax (CMS)"
    • RFC 3850: "S/MIME Version 3.1 Certificate Handling"
    • RFC 3851: "S/MIME Version 3.1 Certificate Message Specification"
    • RFC 3852: "Cryptographic Message Syntax (CMS)"
    • RFC 3854: "Securing X.400 Content with S/MIME"
    • RFC 3855: "Transporting S/MIME Objects in X.400"
    • RFC 4010: "Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS)"
    • RFC 4056: "Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS)"
    • RFC 4134: "Examples of S/MIME Messages"

     

  • TLS: Transport Layer Security
    • RFC 2246: "The TLS Protocol Version 1.0"
    • RFC 2712: "Addition of Kerberos Cipher Suites to TLS"
    • RFC 2817: "Upgrading to TLS Within HTTP/1.1"
    • RFC 2818: "HTTP Over TLS"
    • RFC 2830: "LDAP v3: Extension for Transport Layer Security"
    • RFC 3268: "Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)"
    • RFC 3546: "Transport Layer Security (TLS) Extensions"
    • RFC 3749: "Transport Layer Security Protocol Compression Methods"
    • RFC 4132: "Addition of Camellia Cipher Suites to Transport Layer Security (TLS)"

     

  • SPKI: Simple Public Key Infrastructure (Note: WG has concluded)
  • OpenPGP: An Open Specification for Pretty Good Privacy
  • IETF/W3C XML Signature WG
  • IPSEC: IP Security Protocol
  • IPSRA: IP Security Remote Access

     

  • The venerable PEM specification:
    • RFC 1421 --- ASCII --- PostScript (195 KB)
    • RFC 1422 --- ASCII --- PostScript (156 KB)
    • RFC 1423 --- ASCII --- PostScript (76 KB)
    • RFC 1424 --- ASCII --- PostScript (46 KB)

     

  • RFC 1847: "Security Multiparts for MIME"
  • RFC 1848: "MIME Object Security Services (MOSS)"
  • RFC 2015: "MIME Security with Pretty Good Privacy (PGP)"
  • RFC 2480: "Gateways and MIME Security Multiparts"
  • RFC 3156: "MIME Security with OpenPGP"
  • RFC 3174: "US Secure Hash Algorithm 1 (SHA1)"

Miscellaneous PKI and Security stuff:

• TERENA's Security Working Group: WG-SEC
• UKERNA Technology Group Secure Email Project Homepage
• About the Digital Notary Service
• MMMSec: Security in Multimedia - Mail
• Internet Law & Policy Forum (ILPF): CA Working Group
• SPKI: Simple Public Key Infrastrucure (Carl Ellison)
• Electronic Commerce Promotion Council (Japan)
• INFOSEC page from DGXIII of the European Commission
• Meta-Certificate Group
• University of Colorado Certification Practices Statement (DRAFT)
• The Global Trust Register (University of Cambridge)
• Certificate Authority Interoperability Pilot (Internet Council)
• Fortify for Netscape!
• European Certification Authority Forum (ECAF)
• "PKI Architecture" - Network Strategy Report by The Burton Group
• PKI Task Group (Open Group)
• Netscape Object Signing Resources
• "CLOUD COVER" (UK Government)
• The "Thin PKI" concept
• The PKI Forum
• ISETO: The International Secure Electronic Transactions Organisation
• ESCA: Electronic Signatures and Certification Authorities (ITU)
• e-STIO: Electronic Signature Testsuite for Inter-Operability
• Baker & McKenzie: Certification Authorities
• ChamberSign initiative by the British Chambers of Commerce
• The PKI Challenge (EEMA)
• HEPKI: Higher Education PKI
• PKI-COORD: PKI Coordination for Europe
• XKMS: XML Key Management Services (XKMS at w3.org)
• TECS: The Encyclopedia of Computer Security
• WebTrust Program for Certification Authorities
• CertificationAuthorities.com
• globalplatform.org
• SiegeSoft.com (Internet Privacy and Security)
• Project MailTrusT (note: German language!)
• Network and Information Security: Proposal for a European Policy
• ABA's PKI Assessment Guidelines (Draft)
• PKI Symposium 2003 (note: German language!)
• Dartmouth PKI Lab
  • 3^rd Annual PKI Research Workshop
• De Taskforce PKI Overheid (note: Dutch language!)
• Electronic Commerce for Developing Countries (ITU)
• OpenValidation.org (OCSP test responder)
• VPNC: VPN Consortium
• PKC 2002
• tScheme Ltd
• Internet2 PKI Labs
• Healthcare PKI
• vpnlabs.org
• vpnlabs.com
• SSTC: XML-Based Security Services Technical Committee (OASIS)
• xmltrustcenter.org
• pkilaw.com
• SigLab (note: German language!)
• A bridge CA for Europe's public administrations
• Questionnaire on Public Key Infrastructure applications and requirements for the European Academic Networks
• X.509 path validation test suite (NIST)
• PKI Club
• FreeICP Project
• PKICUG (PKI for Closed User Groups)
• Challenge PKI Project
• PKI Interoperability Project (Japan PKI Forum)
• Chinese PKI Forum (note: Chinese language!)
• Asia PKI Forum
• Foro PKI de Mexico (note: Spanish language!)
• Norwegian PKI Forum (note: Norwegian language!)
• SPES project: Setting the Processes for electronic signatures in European cities
• ECRYPT project: European Network of Excellence for Cryptology