1 Introduction

1.1.1 The Secure Electronic Environment (S.E.E.) Project is developing a Public Key Infrastructure (PKI) for use among NZ Government agencies. Its primary purpose is to authenticate public servants to inter-agency web-based applications classified up to SENSITIVE.

1.1.2 The S.E.E. PKI Project's goal is to promote interoperable PKI solutions within the government, the development of common guidance, and the sharing of information, resulting in economies of scale, reduction of risk, and systems that are fast to implement, and easy to use.

1.1.3 This document discusses ways of PKI enabling an application using S.E.E. Key.

1.1.4 The document does not attempt to describe a perfect architecture for all applications. There are many ways of doing things, and this discusses just a few.

1.1.5 It is our hope that vendors will write cases studies of PKI enabling applications using their tools.

1.1.6 This is the eleventh in a series of documents. Other documents are:

• Decision paper 1: Governance and accreditation

• Decision paper 2: Public sector, private sector and offshore CAs

• Decision paper 3: Authentication Mechanisms

• Decision paper 4: Trust models

• Decision paper 5: Identity

• Decision paper 6: Impact on agencies

• Decision paper 7: International Perspective

• Decision paper 8: Certification Authority Accreditation

• Decision paper 9: Certificate Policy

• Paper 10: Guidelines for agencies choosing a Certification Authority

• Paper 11: S.E.E. Key enabling a web based application