Developing a Certification Authority for PKI at Virginia Tech

Virginia Tech's Information Resource Management (IRM) department conducted research on PKI and smart card technologies. Pilot projects included evaluating and testing commercial software from Baltimore Technologies, Entrust, VeriSign, and Microsoft and open source software OpenCA and OpenLDAP for establishing certification authorities. Outsourcing parts of the PKI environment to third-party companies was investigated. Smart cards and tokens from companies such as Gemplus, Schlumberger, Dallas Semiconductor, Axalto, Maganet, and Aladdin were tested. The research and pilot programs resulted in the establishment of the Virginia Tech Certification Authority (VTCA) using OpenCA, with plans to initially distribute personal digital certificates on the Aladdin eToken. By establishing and using our own certification authority, Virginia Tech achieves a very high level of trust in the certificate issuance process and in the identities of the recipients of the certificates.