5 Developments in the Asia/Pacific Region

5.1 The APEC eSecurity Task Group

5.1.1 This is a Task Group within the Telecommunications and Information Working Group of APEC (APEC TEL). At the 23rd APEC TEL meeting in Canberra in March 2001, PKI-related initiatives were presented by representatives from a number of member economies. Some of these are briefly described in this section . They are evidence of a high level of activity among a number of economies of direct importance to New Zealand, both economically and politically.

5.1.2 Many of the activities of the eSecurity Task Group (in areas such as Trust Lists and Cross-Recognition) are directly relevant to S.E.E. PKI. NZ involvement is therefore important, if only as an observer and survey participant, so as to 'let them know we exist'. The S.E.E. team should liaise with other NZ government entities such as MED to ensure that the national interest is maintained in this area.

5.1.3 The eSecurity Task Group convenes a PKI Interoperability Expert group, currently examining interoperability between a number of schemes in APEC economies. This involves identifying the key elements of a PKI scheme and then mapping the various approaches against those key elements.

5.2 Mapping of Certification Authority Accreditation Schemes

5.2.1 This was an exercise carried out to compare CA accreditation schemes between Australia, Chinese Taipei, Hong Kong China, Japan, Korea, Singapore, Thailand and Canada. The results identified a number of areas where work is required to harmonise practices for the furtherance of trade within the region, for example in approach to interoperability and cross-certification.

5.2.2 There was no NZ participation in this exercise. However, the results of any resulting harmonisation activities are likely to have a direct effect on trade activities throughout the region (including involvement of regulatory and Customs authorities).

5.3 Asia PKI Forum

5.3.1 Private sector organisations in Japan, Korea and Singapore, with strong support from government have formed the above grouping, which superficially compares to equivalent (and similarly named) bodies in Europe and North America, and also to a lesser extent to the Certification Forum of Australasia (CFA). Its objective is to share experiences and harmonise approaches across the region.

5.3.2 The Asia PKI Forum held an inaugural conference in Tokyo in June 2001. The CFA was involved in that meeting. Early reports are that the Asia PKI Forum at this early stage is politicised and has yet to settle on a clear technical agenda.

5.3.3 Membership fees for the Asia PKI Forum are yet to be announced but are expected to exceed US$30,000 p.a.

5.3.4 The CFA would appear to be an appropriate vehicle for NZ interests to be maintained in the international 'PKI Forum movement'.

5.4 The Pan Asia E-Commerce Alliance

5.4.1 Five commercial organisations forged this initiative to facilitate trade documentation between Hong Kong, Singapore, Taiwan, Korea and the Peoples Republic of China. Its objective is "to be the leading body of collaborative organisations promoting and providing secure, trusted, reliable and value-adding IT infrastructure for efficient global trade and logistics" . Total membership of the parties exceeds 120,000 organisations, representing almost every company in the trading community of the five markets.

5.4.2 The Pan Asia E-Commerce Alliance is developing a Certificate Policy and interoperability scheme to enable digital certificates issued by each member to be recognised by the others.

5.4.3 According to their website , "businesses trading across these countries can look forward to: less paper work in document submission and cross-border trade approvals; ready acceptance of cross-border certification policy; more secured transactions over the web, time and cost savings in dealing with the Alliance as a single point of contact. A pilot run for the secure document exchange of packing lists and invoices and other trade documents will take place in the first quarter of 2002".

5.4.4 Based on the APEC cross recognition concept and Trust Lists, this programme looks to be the most progressive of its kind in the world. It is therefore important that information on these developments is available to NZ participants in PKI-related activities.