Eric Murray <[EMAIL PROTECTED]> writes: >Too often people see something like Peter's statement above and say "oh, it's >that nasty ASN.1 in X.509 that is the problem, so we'll just do it in XML >instead and then it'll work fine" which is simply not true. The formatting of >the certificates is such a minor issue that it is lost in the noise of the >real problems. And Peter publishes a fine tool for printing ASN.1, so the >"human readable" argument is moot. > >Note that there isn't a real running global PKI using SPKI or PGP either.
A debate topic I've thought of occasionally in the last year or two: If digital signatures had never been invented, would we now be happily using passwords, SecurIDs, challenge-response tokens, etc etc to do whatever we need rather than having spent the last 20-odd years fruitlessly chasing the PKI dream? There was some interesting work being done on non-PKI solutions to problems in the 1970s before it all got drowned out by PKI, but most of it seems to have stagnated since then outside a few niche areas like wholesale banking, where it seems to work reasonably well. (Hmm, now *that* would make an interesting panel session for the next RSA conference). Peter.