|As it as been proven for the internet development, we are convinced that libre software used in the context of security infrastructure would be an accelerating vector for its application. Based on a team involved on foreground projects in their respective countries, they propose to share their components and their knowledge to provide a trusted, open and interoperable Public Key Infrastructure, PKI, the cornerstone software component for secured applications delivered on the Internet. This project will propose server-side components, with Directory, Registration & Certification Authority modules, and client-side components, with smart card support, key generator. In order to take into account the legal specificities of European countries, cryptographic components will be plugable to enhance the modularity. EUPKI will be specified by social and business partners and demonstrated by a Certificate Authority.
This project will produce a free software PKI as the foundation component for secure exchange of information. The project will provide free access to a high quality, modular and totally open software and hardware solution to the market.
This project has three objectives:
1.Trust in implemented functionalities: libre software development will ensure a total visibility of the global solution, enabling independent critical evaluation and thus establish maximum user trust and confidence.
2.Continuity of the solution: a libre software approach is the only way of proposing a solution which does not rest on only one private actor, and which is continuously supported, improved, and extended.
3.Quality in the released code: The software will have the quality necessary for it to be applied in any kind of domain, allowing legally binding transactions. By their own nature, free public software projects realize higher code quality than commercial implementations.
EUPKI is built up to the technological material brought by the partners of the consortium, and completed by complementary components developed to fulfil the global objectives of EUPKI. The first stage will be necessary to gather requirements through brainstorming meetings in order to produce the EUPKI project perimeter, finalize the expressions of need and delineate the scope of the evaluation process. At the same time, the observations of material brought by the partners, like Registration Authority, Certification Authority, directory and smart card support, allow to choose the existing components, and anticipate the integration work by testing and plugging the latest in the final architectural framework. The Design stage will provide all specifications to implement and test the developed modules necessary for EUPKI completion : Key generator, Certificate Management Protocol standards, abstraction layer of cryptographic resources. For those typical software development stage, the security requirements will be stated permanently. Once the components have been implemented, they can be integrated into the final architecture with the pre-qualified components. The integration stage will run to the end of demonstration to support the partners involved in the demonstration of the project in a professional and operational environment. All these actions will be coordinated by the management team that will provide all necessary guidelines and template documents for a global consistency and cohesion of the project's quality.
Even if we plan to bring material as early as possible, the Milestones of the project are:
M0 (T0+3): Final Requirements and project perimeter
M1 (T0+6): Final Specification and design
M2 (T0 +12): Developed components
M3 (T0 + 18): Integrated project
M4 (T0 + 20): Demonstration of EUPKI solution.