CRYPTO - eBIZ
Fora and associations
Schemes and regulators
- Berkeley's Certificate Notary
- EFF's SSL Observatory
- Google's Certificate Transparency an open framework for monitoring and auditing SSL certificates in nearly real time
- Aims to solve the problem of mistakenly issued certificates or certificates issued by a compromised CA.
In these cases, browsers see nothing wrong with the certificates giving users the impression that the website
they’re visiting is authentic and their connection is secure.
- Three main goals:
- Make it impossible (or at least very difficult) for a CA to issue a SSL certificate for a domain without
the certificate being visible to the owner of that domain.
- Provide an open auditing and monitoring system that lets any domain owner or CA determine whether certificates
have been mistakenly or maliciously issued.
- Protect users from being duped by certificates that were mistakenly or maliciously issued.
- The 'trans' IETF WG was established to create a standard RFC for Certificate Transparency
- Certificate Transparency adds three new functional components to the current SSL certificate system: certificate logs, certificate monitors and certificate auditors
- Wikipedia: Google launched its first certificate transparency log in March 2013.In September 2013, DigiCert became the first certificate authority to implement Certificate Transparency.
Google Chrome began requiring Certificate Transparency for newly issued Extended Validation Certificates in 2015.
EMEA - including EESSI and pkiChallenge
- European Electronic Messaging Association - EEMA - also ECAF
- EEMA - pkiChallenge
- EESSI homepage.org - European Electronic Signature Standardization Initiative - LEGACY
- EESSI homepage.fr - backup in France
- EU - PKI-Page.info.eu, including country index cards
- EU/DE - TeleTrust - a German not for profit
- EU/DE - Bridge CA - mainly a German initiative
- EU - EuroPKI - EC sponsored research in pan-european PKI - ICE-CAR/ICE-TEL
- DE - DE-Coda (Berlin) - e-certificate of origin
- DE - SKidentity - Detlef Huehnlein
- DE - Trusted Cloud initiative
- Authq - Iskratel's trustmark
- LU - Arhs-group - creators of the EC DSS (Digital Signature Server)
- IT - InfoCert - claims to be the largest European TSP
- IT - e-witness - electronic notary
- IT - SNG - Ricardo Genghini
- IT - RicardoGenghini.it
- BE - BelSign - the roots of GlobalSign
- BE - GlobalSign - today part of GMO Internet Inc (JP, Tokyo), started as Belsign, with Vodafone, ING, Ubizen, ...
- BE - Belgacom e-trust - references include Dimona, Carenet, OFBB (Ordre Français du Barreau de Bruxelles), FEDpki, ...
- BE - Belgacom's CPS
- BE - Connective - Antwerp - eIdentity, eDocuments, eSignatures
- ITSME's eID-based on-boarding
- ITSME's QES
- Keytrade e-mortgage, AG Insurance, ...
- based on EC DSS
- BE - Unified Post
- BE - IntelliStamp
- BE - XADES - Frank Cornelis
- BE - e-Contract - Frank Cornelis
- BE - HyperTrust - Maarten, Peter, Samoera, ...
- BE - Info2Clear - AnthonyB.
- BE - Octalis - DRM - Louvain-La-Neuve
- BE(?) - Veridis - secure content management
- BE - SecureAttachment - Info2Clear's spinoff, built on Adobe technology
- BE - Certipost / Belgacom/De Post E-Services - ex-PostBox - ex Eric Weytjens
- BE - CertiOne - eInvoicing
- BE - TecTrade
- FR - OpenTrust (ex-Keynectis) - used by EU Council
- FR - Docapost.fr - Frank Leroy - part of Groupe La Poste
- FR - Dictao
- PT - Multicert
- ES - ANF Autoridad de Certificación (Madrid) - also attribute authority and more
- CH - SwissSign - SwissPost
- CH - QuoVadis
- NL - ICTU - eGovernment - Rijkspas
- NL - Logius - DigiD
- NL - PKI Overheid - TTP.NL - inclusief eisen en wensen
- NL - PinkRoccade - houses the Identrus root key
- NL - DigiNotar - digitale notaris (hacked and gone, read the Black Tulip report)
- IS - Iceland - Audkenni - national certification authority- population of around 270.000 persons (set-up by GlobalSign)
- Scandinavia - DNV
- Scandinavia - BBS-Nordic
- NO - Bankenes Betalings Sentral - includes Norwegian Bank-id, based on central signing server
- NO - Signicat
- SE - TrustWeaver
- Sovos- eInvoicing
- SE - Nexus Group
- SE - Nexus (Sonera/iD2) - used by DigiCert, Volkswagen, EPO, Finnish & Swedish eid pki, ...
- UK - Ascertia's SigningHub
- UK - nCipher - HSM - key storage e.g. nFast (used by beTRUSTed) crypto accelerators, root signers etc
- IR - Vordel - XML security - B2B signing
- IR - Baltimore - UniTrust CA / merging into Betrusted
- IR - BaltimoreInc - Zergo - even SDK for Linux
- RO - CertSIGN (UTI), PKI and cybersec
- RO - Trans Sped - Viky Manaila
- DE - Regify - registered email
- DE - Brokat - Secure internet banking - Java...
- AT - Signature Validation
- AE - Comtrust - PKI for the Arab world
Asia and Pacific
Legacy - beTrusted