Public Key Infrastructure

The Queensland Government PKI Policy Authority (QGPKIPA) has commenced an exit strategy for the QGPKI and all associated products and services.

Following a review of the PKI policy and position for Queensland Government, the QGPKIPA has formed the view that the increased maturity, capability and capacity to provide PKI solution within the market place and the development of a range of alternative approaches to authentication and authorisation within ICT ecosystems has increased the viability of federated architectures for security and reduced the benefits of an holistic whole-of-government PKI approach.

As such the QGPKIPA has authorised CITEC to cease all new QGPKI certificate issuing and only maintain the minimum capability to support existing clients until such time as they can cease reliance on existing QGPKI infrastructure.

The current PKI policy and position are being reviewed for repeal and agency Chief Information Officers will be informed once the Queensland Government Chief Information Officer approval has been sought.

Once the documents have been repealed they will be placed in the QGEA Knowledge Base, located on the QGCIO portal.

Accordingly, as per communication to all agency CIOs, effective 1 August 2013, CITEC will no longer offer QGPKI services to Queensland Government Agencies.

CA Documentation

Documentation for CA Repositories hosted on the Whole of Government PKI Repository Service can be located by navigating the relevant hierarchy from the Root CA down. The QGPKI provides for Root CAs in the following environments. Use the links below to begin navigating through the QGPKI hierarchy.

Services

SSL Certificates

No new SSL certificates will be issued from 1st August 2013. From this date, clients can source SSL certificates from a commercial provider.

Where applicable, for existing Queensland Government Agency users, CITEC will continue to support current SSL certificates until 30 November 2014.

PKI DNS

CITEC will continue to offer the DNS Service with QGPKI names resolvable until such time as:

CA Repository

OCSP Reverse Proxy

CA Signing

The aforementioned timeframes are in line with the QGPKI Migration Plans issued to the QGPKI PA by Queensland Government Agencies with current CA’s under the QGPKI hierarchy.

Contact

Agencies seeking information or assistance from the QGPKIPA should approach the secretariat in the first instance at QGPKIPA@qld.gov.au

Agencies seeking assistance with QGPKI services should contact PKI-Services@citec.com.au.

CITEC Department of Public Works