ITU-T News |
ITU Announces New Edition of X.509 Recommendation Which
Accelerates Global E-commerce Through Enhancements to
Authentication and Authorization Specifications
|
Geneva, Switzerland, March 31, 2000 - The
International Telecommunications Union (ITU) announced today
that Study Group 7 of the Telecommunication Standardization
Sector (ITU-T) today approved a new edition
of Recommendation X.509 for publication. X.509 is a
broadly accepted standard suitable for many environments,
providing an economy of scale that allows e-commerce
transactions and communications to be secured as rigorously as
needed – from consumer transactions with limited risk, to
mission critical business-to-business (B2B) transactions.
X.509 is viewed throughout the Information Technology (IT)
industry as the definitive reference for designing applications
related to Public Key Infrastructures (PKI). The elements
defined within X.509 are widely utilized – from securing the
connection between a browser and a server on the Web to
providing digital signatures that enable electronic transactions
to be conducted with the same confidence as in a traditional
paper-based system.
Recommendation X.509, in specifying public-key and attribute
certificate frameworks, is also one of the premier elements of
the X.500-series of Directory recommendations.
This new edition, developed in close cooperation with ISO/IEC
and the ISOC/IETF, supersedes and replaces the 1997 publication.
-
It contains specific enhancements to
public key certificates to support the correct processing of
certification paths that involve multiple certification
authorities within multiple enterprises, as well as
enhancements in the area of certificate revocation;
-
It contains a significant enhancement to
attribute certificates and definition of the framework for
Privilege Management Infrastructure (PMI). Attribute
certificates will play a major role in globally addressing
the complex security issues of access control and
authorization. They are a standardized mechanism for
defining user access privileges in a multi-vendor and
multi-application environment. These issues are just now
coming to the attention of IT planners, as organizations
move their mission-critical business relationships to the
Web.
"As the X.509 Recommendation was there
anticipating the rapidly growing needs of electronic commerce,
we expect that this new edition will be critical in meeting the
need to protect enterprise resources. It will likely be a best
seller among ITU Recommendations", said Hoyt L. Kesterson
II, chair of the working group that develops the X.500-series.
"The addition of a framework for PMI, and refinements to
certification path processing will play a major role in
establishing the foundation for B2B electronic commerce
growth", said Sharon Boeyen, the editor of X.509.
"This telecommunications standard has been universally
adopted by the computing industry and we believe it is one of
the ITU’s single most important works."
Also, the ITU is pleased to announce that study has begun
towards enriching Recommendation X.509 to better support the use
of public key and attribute certificate frameworks in both
resource constrained (e.g., wireless communications) and B2B
environments (e.g., web based e-commerce) services and
protocols.
Following its today approval, revised X.509 Recommendation will
soon be available online on the ITU-T Web page (http://www.itu.int/itudoc/itu-t/approved/x/index.html) for
prepublished X-series of Recommendations.
For further information, please contact:
Mr. Herbert V. Bertine
Chairman, ITU-T Study Group 7
Tel: +1-732-949-4022
Fax: +1-732-949-1196
E-mail: hbertine@lucent.com |
Mr. Richard Jesmajian
Study Group 7, Working Party 4 Chairman
Tel: 1-732-420-3669
Fax: 1-732-368-1909
E-mail: rwj@att.com |
|
|
|