One of our jobs as analysts to provide insight and vision on what an when things are going to change and how it is going to happen. Sometimes though, my fellow analysts are far off with their predictions, sometimes one just underestimates the market pull or some impressive marketing stunt one of the vendors pulls to push the cause. Other times, for example with PKI, the real hype never materializes - but nevertheless the technology silently grows and matures and never really vanishes.

Lately, I was doing some work with Entrust and they were curious to hear that I had been tlaking to some companies who had actually come up with plans of deploying a PKI in near future. No kidding! We even saw the complete raza&rebuild of PKIs where Fraunhofer has created a new competence center around PKI and set up a new, TeleSec signed root-CA. Fun thing is, they are even offering 3rd person certificates free of charge! At least to their communication partners - and it is a still in the evaluation phase.

Besides, PKI "v2"  seems to have become more or less part of the infrastructure, as some smaller companies just decide to go the KISS way and deploy a Microsoft PKI (not that it is easy to create one works, and works the way you like it to work - thorough planning is recommended!). Fun thing is, I even heard vendors say: "uhhh, if it is only x,000 people and it is just for authentication - do your customer a favour and stick with a 'simple' solution". By `simple` one meant "low on license cost and maintanence", at least that is what I derived from it.

Anyway, integration and proper use is always key to the success of such a technology and thus I am pretty sure that if there is a use case and a direct application, any company can benefit from setting up a PKI. Especially in those situations where there are tokens and/or smartcards available as certificate containers, that are used as comapny badges or access tokens for PACs or time & attendance solutions. Hm, ... now I do sound like Mr. Self-Fulfilling Prophecy, don't I? Anyway, if I use my crystal ball I definitly see more integration and thus convergence, and PKI with multifunctional smartcards are part this as well as the use of SSO and centralized IAM!