First published: 30th June 2009
We welcome comments from our readers and like to include different viewpoints.
Allan Dyer, Editor
Low Adoption of e-Certs
My own view on why eCerts have not been adopted is that they are just too confusing to the general public. Even IT professionals.
- How to get them
- How to use them
- How to store them
Are all just riddled with complex processes, jargon and confusing instructions.
Compare this ;
E-Mice Solutions wrote, "Currently, our practice is to issue e-Cert to the applicant in the storage medium of either floppy disc or File Card. Additionally, applicant may choose to have a copy of e-Cert loaded into his HKID card. We believe that this practice can provide the subscribers, who come from the general public, with the flexibility of deploying the e-Cert according to their own needs. This also allows subscribers restoring their e-Cert from floppy disc or File Card when needed, addressing the danger of losing the private key holding in a single media."
"If an applicant wishes to request for the e-Cert to be delivered on his HKID card alone, he may raise such request through a signed e-mail or a signed instruction on the paper application form."
Thus, there are three options for storing an e-Cert:
| HKID card | File Card | Floppy Disc | |
|---|---|---|---|
| Hardware Standard | ISO 7816 | ISO 7816 | FAT |
| Driver | PC/SC | PC/SC | floppy |
| Public-Key Cryptography Standard (PKCS) | PKCS#11 | PKCS#12 | PKCS#12 |
| Software | e-Cert Control Manager | e-Cert File Card Utility Program | No additional software required |
| PIN length | 8 numeric digits | 16 numeric digits | 16 numeric digits |
| PIN lockout | Permanent on more than 5 consecutive incorrect PIN tries | none | none |
| Private key can be exported? | No | Yes | Yes |
to the alternative method on offer
Your Signature___________________________________
And I think you'll see the problem.
As long as it involves effort and an understanding of IT jargon it will never be widely used.
Ralph Magro
Director, STFS