We have an ongoing commitment to researching the implementation of the SPKI/SuiteB certification and encrypted key specification for delegated trust networks.
Our research effort is geared toward simplifying the means by which developers can cryptographically secure data between systems while reducing the effort and inefficiency involved in permitting delegation of certification authority. The aim is to deliver a non-repudiable, delegated trust mechanism using cryptographic primitives approved by the NSA for US government ‘top secrets’.
More background information is available:
- Paul Crowley’s blog post of 2007.
- Carl Ellison and Bruce Schneier’s paper on Ten Risks of PKI: What You’re not Being Told about Public Key Infrastructure
- More on SPKI/SDSI Certificates