Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

Ten leading PKI vendors successfully prove product interoperability within two-year project

London, UK – April 29 2003. EEMA (the independent, non-profit European e-Business association) today announced the results of its two-year Public Key Infrastructure (PKI) interoperability project – the PKI Challenge. The project has achieved its aim of identifying, addressing and overcoming PKI interoperability issues between the vendor community – issues which had hindered the Europe-wide deployment of PKI as a secure and trusted method of electronic communication.

The project which ran between January 2001 and April 2003, was funded by the European Commission and the Swiss Government, and run by EEMA and a 12-strong management consortium. Ten testing participants - Baltimore Technologies, Cryptomathic, Guardeonic Solutions, Microsoft, RSA Security, Safelayer, TC TrustCenter, SmartTrust Nexus, UTI Systems and VeriSign - successfully tested the interoperability capabilities of their products and services within one or more of the four prepared test plans against a reference implementation over a four month period, and proved interoperability.

The full PKI Challenge report, including the results of all of the testing participants is now available.

“The technical interoperability barrier to the adoption of PKI was an issue we were keen to address within the 5th Framework” commented Gérald Santucci, Head of Unit D4 "Trust and Security” within the European Commission Directorate General Information Society. “The PKI Challenge, through its involvement of key players within the industry, has made a major contribution to that,” he continued. “The resulting wide-spread use of PKI technology should help to fuel new uses of digital certificates in important areas such as e-Government Web portals, healthcare, manufacturing and the financial industry, which can only be a good thing for the development of electronic communications” he concluded.

The PKI Challenge test plans looked at the interoperability of cross certification between peer Certification Authorities, subordinate CA certification from a superior CA to a subordinate CA, enrolment from a client to a CA and validation of the status of a certificate by a client. Technical interoperability issues arising during the testing phase were addressed, overcome and documented, with any technical problems resulting from vendor product anomalies rectified by the vendors concerned in most cases, with testing then resuming as a result.

“We are delighted that the PKI Challenge has demonstrated that PKI can and will work as a method of securing electronic transactions” commented Kate Hodgson, EEMA Board Member and Project Director of the PKI Challenge Management Consortium. “The project was a mammoth task - despite being conducted in an inclement business climate and changes due to company re-structuring, the project was an unmitigated success. The fact that ten of the top PKI vendor competitors took the time and considerable resource to test their PKI components speaks volumes about the industry’s commitment to make this technology work” she continued.

In addition to the full report, all of the findings from the PKI Challenge will be communicated in a series of best-practice documents to be issued as part of the project. There will be three documents, the first of which will be aimed at the user community preparing to install a PKI, the second will give recommendations to technology vendors developing PKI products, and the third will provide challenges to the industry and standards bodies.

The full PKI Challenge report, including the results of all of the testing participants is now available from or by contacting The Best Practice Documents will be launched at EEMA 2003 (EEMA’s 16th Annual Conference in Prague – 16-18 June 2003 –


Press Contacts

PKI Challenge
Kate Hodgson – +44 1246 214649
(or contact for general EEMA press queries)

Baltimore Technologies (exhibiting at InfoSecurity and issued own release)
Irene Dehaene - +353 1 881 6435

Cryptomathic (exhibiting at InfoSecurity and issued own release)
Fiona Potter – +44 1223 225354

Guardeonic Solutions
Emer O’Reilly – +353 1216 2936

Microsoft (exhibiting at InfoSecurity and issued own release)
Steve Adler – +44 7801 881629

RSA Security (exhibiting at InfoSecurity)
Anna Philippen – +44 7770 842966

Mar Santarrufina - +34917080480

SmartTrust/Nexus (at InfoSecurity – contact EEMA stand 142)
Barry Arnott – +44 7958 673660
or Claes Strand – +46 705 526 830

TC TrustCentre
Melanie Krahl - +49 40 8080 26415

UTI Systems
Mihai Ianciu – +402 1 201 2330

VeriSign (issued own release)
Gabriel Dusil (Marketing) - +44 7712 891 093
or Paul Green (Tehnical) – +44 776 489 0710

A faq sheet giving the highlights of the final report is available from the EEMA stand (142) or from +44 1384 374008

About the PKI Challenge -
The PKI Challenge (pkiC) was a two-year PKI interoperability project, which started in January 2001. The aim of pkiC was to overcome the current interoperability problems between PKI products, and thus develop specifications and best practice in the world standards arena.

Funded by the European Commission and the Swiss Government, and organised by EEMA (leading independent, European non-profit e-Business association), the project was run by a management consortium of 13 organisations :-
Baltimore Technologies (Ireland), Belgacom (Belgium), Royal Mail (UK), EEMA (UK), GlobalSign (Belgium), KPMG (The Netherlands), Makra (UK), Security and Standards (UK), SmartTrust (Sweden), University of Leuven (Belgium), University of Salford (UK), Utimaco Safeware (Germany), WISeKey (Switzerland).

The reference implementation was developed and supplied for the pki Challenge by Utimaco, and the Directory used was produced and supplied by MaXware.

The ‘testing participants’ testing their products against the project’s agreed interoperability specification criteria were:
Baltimore Technologies, Cryptomathic, Guardeonic Solutions, Microsoft, RSA Security, Safelayer, SmartTrust, TC TrustCenter, UTI Systems and VeriSign

About EEMA –

EEMA was founded in 1987 and is the leading European non-for-profit e-Business association with the aim of pushing forward the boundaries of e-commerce, technology and legislation.
Its numerous Interest Groups, workshops, conferences and seminars each specialise in areas of current concern, to educate and inform EEMA Members on latest developments and technologies, at the same time enabling members of the association to compare views and ideas.
EEMA works closely with governmental bodies, standards organisations and e-Business initiatives throughout Europe and is an instrumental force in moving European business towards working electronically. Visit or contact

This press release was distributed by ResponseSource Press Release Wire on behalf of EEMA in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit