Electronic Service Delivery (ESD) in HKU

HKU Digital Certificates (HKU-Cert) to be issued in September

The Computer Centre is pleased to announce that the HKU Certification Authority (CA) will start to issue digital certificates (HKU-Cert) and the corresponding private keys to University staff and students starting from September 25, 2000. The HKU-Cert will be used in HKU Electronic Service Delivery (ESD) applications where electronic signatures are required, and in e-mail programs which support the use of electronic signatures and encryption of e-mail messages.

The HKU CA is built on the Public Key Infrastructure (PKI) technology. Click here for a brief description of the basic mechanism of the PKI technology.

HKU staff and students can apply for a HKU-Cert from the Computer Centre General Office. The applicant should bring along a signed copy of the HKU-Cert Subscriber Agreement and his HKU staff or student Smart Card. The private key will be written directly on his HKU Smart Card and on a business-card-sized CD-R (read-only CD) which serves as an alternate copy of his HKU-Cert. Access to the private key on the HKU Smart Card or CD-R will be protected by a password chosen by the subscriber. A HKU-Cert subscriber must take good care of the private key issued to him.

Use of the HKU-Cert in HKU ESD Applications

The use of digital signatures will speed up the work flow from an end-user filling in a web-based form to the final completion of an ESD application. This will eliminate the requirement of written signatures and the handling of paper forms, and increase the productivity of all parties involved.

HKU staff and students can use their private keys to sign in the HKU ESD applications, most of which also accept signing using the private key stored on a CD-R so that the user can sign at any PC with a CD reader, say, at the office, in the computer laboratories, in residential halls or from home. Some applications, especially those requiring signatures by department heads, would require signing using the private key stored on a HKU Smart Card at designated PC's installed with a smart card reader. This provides additional security.

The following ESD applications of the Centre's services will be ready for use when the HKU-Certs are issued in September 2000:

Purchase of laser-printing units for printing in Computer Centre PC Laboratories by staff and students
Purchase of computer hardware or software offered by the Computer Centre (for details of this, please refer to the article "A New CC Ordering System Using Digital Signatures" in this Computer News)
Application for special computer accounts -- on-line application to replace paper application forms (for details of this, please refer to the article "The Formflow System - A paperless application form system" in this Computer News)

The Computer Centre is also working with the administrative offices to develop other ESD applications which will be ready for use later.

Departments interested in exploring the use of digital signature technology to improve the efficiency and effectiveness of their management processes can contact the undersigned for more information.

Use of HKU-Cert in E-mail

HKU staff and students can also import their private keys and other people's digital certificates (e.g. HKU-Cert, HK Post e-Cert) to e-mail programs which support digital signature and encryption.

Netscape v4.7x supports electronic signatures and encryption. We shall provide the procedure on how to set up Netscape v4.7x to use HKU-Cert when HKU-Certs are issued.

Outlook v5.x and Outlook Express v.5x also support electronic signatures and encryption, but the set-up is more clumsy. Other commonly used e-mail programs such as Eudora Light, Pegasus Mail, pine and HKU Webmail do not yet support electronic signatures and encryption.

Presentation Session and User Training

We shall organize presentation sessions on PKI and ESD applications with hands-on training on:

how to sign in HKU ESD applications,
how to install a private key and digital certificates in e-mail programs,
how to sign, encrypt and decrypt e-mail messages.

Details on dates and venues will be announced in the Training News and via e-mail to our staff and students when the training schedule is fixed. Registration for attending these presentations and training sessions can be made by filling in the registration form in the Staff Intranet or Student Intranet.

If you would like to know more about the HKU CA and HKU-Cert, please contact the undersigned.

M. C. Pong
Tel: 2859 2491
E-mail: pmc@cc.hku.hk

[Contents ] [Next] [Previous]