In a previous whitepaper we looked at directory requirements for the support of a large distributed PKI, and set out the reasons for building such a PKI and the requirements on the associated distributed directory in order to support the PKI. That whitepaper took a "top level" view, and focused particularly on the relationship between departments and what is needed to be supported in the middle. Departments were modeled as having a single directory server, which is quite simplistic.
A new whitepaper on the Isode site "Distributed Directory in support of Large Scale PKI: Supporting Government Departments" takes a departmental view, and looks at what a department will realistically need to do in order to provide a directory service that will integrate into the complete system.
Whilst this whitepaper takes a generic approach, the models set out are written in light of the requirements of US Government departments that need to conform to Homeland Security Policy Directive 12 (HSPD12) and will interconnect using the Federal Bridge as part of the US Federal PKI.
Comments