Adam +1 And I give Brian the highest commendation for highlighting this issue. We must always try our level best to embrace the Multi-Stakeholder regime because as much as sometimes it sound like we are in the Tower of Babel ultimately the best solutions emerge (most of the time). Regards* Ali Hussein* *CEO, 3mice interactive media ltd* *Partner, Telemedia Africa Ltd * Tel: +254713601113 Twitter: @AliHKassim Skype: abu-jomo LinkedIn: http://ke.linkedin.com/in/alihkassim<http://ke.linkedin.com/in/alihkassim> Blog: www.alyhussein.com On Thu, Mar 21, 2013 at 12:58 PM, Adam Nelson <adam@varud.com> wrote:
I think Brian's original point is well taken. It's not ideal for a Korean government agency to hold such important keys. However, Kenya can't just start its own key without at least a few years of lead time to get on a critical mass of browsers and operating systems by default (although it should start now just to get the ball rolling). Finland and Turkey have CAs (although Turkey's was famously hacked with google.com signatures).
I would suggest that the certificate authority for this be one of the most trusted and common commercial ones - Equifax. That's what Google uses and because they're commercial, will probably be more responsive to the needs of the government than a Koren agency.
-Adam
https://twitter.com/varud https://www.linkedin.com/in/adamcnelson
On Thu, Mar 21, 2013 at 12:32 PM, Kivuva <Kivuva@transworldafrica.com>wrote:
Good points from Brian and Evans.
I think the elephant in the room is CCK to be the Root Certification Authority. PPP as Brian puts it might be the best way to go, although it has its own challenges, as we saw last year when KENIC was facing leadership challenges, and discord within the board. Other channels might be to tender for local companies to bid to be the RCA. This has worked very well in developed countries.
The issue of HR can be sorted if we are willing to empower our youth, by say Knowledge Transfer. Unfortunately, these Asians are not very keen in transferring such knowledge to the client side of the business since they want to be indispensable. But we can be forceful, and find ways to train people who will administer the NPKI system. We currently have thousands of security experts in the country, and we are willing to learn more.
Kind Regards.
-- ______________________ Mwendwa Kivuva
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.