Anne & Lynn Wheeler
Tue, 03 Jun 2008 08:22:30 -0700
Bill Frantz wrote:
really used for strangers. For people we know, recognition and memory are more compelling ways of trusting. We can use this recognition and memory in the online world as well. SSH automatically recognizes previously used hosts. Programs such as the Pet Names Tool<http://www.waterken.com/user/PetnameTool/> recognize public keys used by web sites, and provide us with a human-recognizable name so we can remember our previous interactions with that web site. Once we can securely recognize a site, we can form our own trust decisions, without the necessity of involving third parties.
that was one of the business case problems early in SSL for electronic commerce ... namely majority of ecommerce was with repeat sites ... while design point of digital certificates is for first time communication between strangers. the other factor that bounded what merchants would pay was liability in electronic commerce ... there were already paying significant interchange fees as part of protecting the consumer. certification authorities weren't looking at taking on any of that aspect. the combination has been pushing digital certificates into the no-value market segment ... which, in turn, further limits what would could be charged for. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]