Assume, contra facto, that in some future iteration of PKI, it works, and works very well.
What the heck does it look like? At a guess.... Anybody can create a key (or key pair). They get one clearly marked "private", which they're supposed to keep, and one clearly marked "public", which they can give out to anybody they want to correspond with. Gaurantors and certifying authorities can "endorse" the public key for specific purposes relating to their particular application. Your landlord can "endorse" your keycard to allow you to get into the apartment you rent, the state government can "endorse" your key when you get a contractor's license or private investigator's license or register a business to sell to consumers and pay taxes, etc. There are no certifying agencies other than interested parties and people who issue licenses/guarantees for specific reasons. You can use your private key to "endorse" somebody else's key to allow them to do some particular thing (you have to write a short note that says what) that involves you, or check someone else's key to see if it's one that you've endorsed. If you've endorsed it, you get back the short note that you wrote, telling you what purpose you've endorsed it for. Anybody who's endorsed a key can prove that they've endorsed it by publishing their endorsement. You can read and verify public endorsements using the public keys of the involved parties. And you can revoke your endorsement of any particular key, at any time, for any reason. The action won't affect other endorsements of the same key, nor other endorsements you've made. Finally, you can use your private key to prepare a revocation, which can be held indefinitely in some backup storage, insurance database, or safe-deposit box. If you ever lose your private key, you send the revocation and everybody who has endorsed your public key gets notified that it's no good anymore. I think this model is simple enough to be understood by ordinary people. It's also clear enough in its semantics to be implemented in a straightforward way. Is it applicable to the things we want to use a PKI for? Bear --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com