Proprietary software, in any product, allows greater sophistication and fancier features. Open, standardized interfaces allow interoperability. While every company gets to make this choice for themselves, it is apparent that most customers prefer open products. They want to know that they won't get stuck if the vendor they're dealing with goes out of business; they want to know that the product they buy to do X will be able to interwork with another product they've bought to do Y. As for companies being their own CA, this is very important in some environments, as is the outsourcing model in other environments. This is why several PKI vendors today offer both options.

PKI is rapidly maturing as a security solution, how do you envision the future for PKI?

We tried to cover exactly this question in Chapter 15. In short, I believe that the future is quite healthy, but many are now starting to realize that PKI is only a part of the overall security landscape. PKI offers things that other technologies can't offer (such as digital signatures), but it doesn't do everything. Environments still need virus scanners, firewalls, privacy infrastructures, and so on.


What are your future plans? Any exciting new projects?

6. I'm involved in authorization architectures, authorization policy languages, and security for Web services, among other things. There's no shortage of new and exciting things in the security field these days!