8 Approach by other countries

8.1.1 US and Canadian public sector organisations sometimes run their own CA, sometimes outsource operations, and sometimes use private sector CAs.

8.1.2 The US and Canada are developing a "bridge" to permit interoperability among CAs and expect to include other nations' CAs. This currently requires custom software but we can expect to make use of this technology off the shelf in a few years.

8.1.3 The Australian government GateKeeper strategy requires that government agencies use a GateKeeper accredited CA, and GateKeeper require that CAs be Australian registered companies physically located in Australia.

8.1.4 Members of the European Union are required to recognise each other's CAs and there is an agreed standard for digital signature certificates ("qualified" certificates) across the EU. Norway has outsourced to three private sector certificate authorities.