Australian example: Federal Government GPKA

• Government Public Key Authority (GPKA)
  • http://www.gpka.gov.au/ <http://www.gpka.gov.au/>
  • Sets standards, but only for Federal agencies using digital signatures and encryption
• The GPKA privacy Criteria
  • Only applies to accreditation of Certification Authorities (CAs) as yet
  • Based on the Information Privacy Principles (IPPs)
  • Additional protections for Certificate Revocation Lists (CRLs) and other directory services
  • Requires CAs to be able to issue multiple certificates to individuals
  • Requires CAs to be able to issue anonymous and pseudonymous certificates