1 Introduction

1.1.1 The Secure Electronic Environment (S.E.E.) Project is developing a Public Key Infrastructure (PKI) for use among NZ Government agencies. Its primary purpose is to authenticate public servants to inter-agency web-based applications classified up to SENSITIVE.

1.1.2 The S.E.E. PKI Project's goal is to promote interoperable PKI solutions within the government, the development of common guidance, and the sharing of information, resulting in economies of scale, reduction of risk, and systems that are fast to implement, and easy to use.

1.1.3 This document discusses issues that may affect our confidence in a PKI if Certification Authorities (CAs) are run by the public service or the private sector, and if the private sector, whether we can use both New Zealand and foreign CAs. These decisions need to be based on our confidence in the protection the CAs provide, and the trustworthiness of their personnel and operations.

1.1.4 Please note there will be other criteria for choosing a CA in addition to the issues presented here, and that more than one CA can be chosen.