Questions, Questions What's this Shibboleth thing anyway? Is it anti-PKI? post-PKI? Is it secure? Is it real? Will anyone use it? Will it work with my existing web stuff? What's this privacy-protection business? Is it time to deploy PKI on my campus? I thought PKI was dead? What benefits would I get? Is it too complex technically? Is it too complex politically/legally? Should I deploy server certs? end-user certs? Should I outsource or use in-house skills? Should I join a hierarchy or bridge? Is there hope for secure e-mail? What about Passport? Well, what about it?

Workshop: Shibboleth, Certs, and PKI CSG, Sanibel Harbour, January 2002 RL "Bob" Morgan, rlmorgan@ washington.edu