I'm sorry if it comes across as if TTPs are useless. There are a lot of AADS examples of TTPs that are extremely useful. I've sometimes abbreviated "offline TTP/CA" to just TTP.
I've looked at certificates and TTP/CAs from a distributed information model. My wife and I have done a lot of work in this area in the past (multiprocessor CPU cache designs; distributed file, caching & locking designs; distributed database, caching & locking designs). From an information analysis standpoint, the basic certificate is a piece of R/O cached, distributed information .... which uses some cryptography for assurance about the integrity of the cached entry (similar to the way that multiprocessor CPU cache designs used check & parity codes).

The AADS model corresponds to traditional business bilateral agreements (contract law) and/or online TTP models. The issue is where an offline TTP/CA certificate model fits. Typically contracts involve two parties where there has been an exchange of consideration. One of the issues in the TTP/CA with respect to RPs is the lack of consideration between the two parties. This frequently will then fail the basis for a contract and therefore any concept that there is any obligation between the TTP/CA and the RP in any way. Of course, govs can legislate anything they want to be true.

Even in B2B .... there is either 1) an established business context that includes things like authentication, aggregation, and some other characteristics and/or 2) access to an online TTP. AADS fits when either "1" or "2" is true. Trying to force fit a TTP/CA certificate designed for an offline environment into such an environment is pure contrivance (redundant and superfluous). TTP/CA certificates are useful when neither "1" (aka established business relationship) nor "2" (aka no recourse to an online, realtime TTP) is true. Furthermore, because of the frequent stale nature of TTP/CA certificates, if the B2B relationship involves anything of any value ...
and even if both "1" and "2" are true, the parties may delay actual finalization of initial negotiations until after there has been timely, current validation established (even if it involves sending off a telegram/email and waiting for the response).

The issue for a TTP/CA for offline certificates is trying to find a market niche where neither "1" nor "2" applies. This typically will be situations involving little or no value. The problem then for a TTP/CA in supporting environments with little or no value .... can they make a business plan based on selling certificates for situations involving little or no value? Again, govs can legislate something here and/or provide the service (aka when it doesn't make sense in traditional business relationships as well as being shown to have little or no value).

So there are lots of examples where it is possible to examine the information flow and characteristics in detail and show that if either "1" or "2" applies then certificates are redundant and superfluous.

So we look at it from a slightly different point. We examine the domain use of TTP/CA certificates in the world today, which are SSL domain name certificates (the claim is that they account for 99.99999% of all certificate-related events that occur in the world today). As outlined in the original ref'ed postings .... and aggregated in http://www.garlic.com/~lynn/subtopic.html#sslcerts there is an online authoritative reference for domain names. The issue was that there are integrity issues with the online authoritative reference for domain names .... and SSL domain name certificates were a quick & dirty fix pending the much more difficult task of fixing a deployed and established legacy system. This fit the criteria that there was no recourse to an online TTP ... aka while it is online ... and it is third party ... there were concerns that it didn't fit the "trusted" part of "online trusted third party".
The irony is that the TTP/CAs, when issuing an SSL domain name certificate ... actually have to check with the authoritative authority for domain names (which is the same "untrusted" domain name infrastructure) as to the validity of the owner of that domain name. It turns out integrity issues affect both the basic use of the online domain name infrastructure as well as the use of the domain name infrastructure by the TTP/CAs for validating the information that goes into SSL domain name certificates.

There is a proposal, somewhat motivated by the TTP/CA industry, to improve the integrity of the domain name infrastructure information. However, implementing such a proposal on behalf of the TTP/CA industry also goes a long way towards negating the need for having SSL domain name certificates. Turning an online untrusted third party into an online trusted third party eliminates the need for certificates ... conforming to the assertion that certificates are useful only when both "1" (established business context) and "2" (recourse to online TTP) are not true. If either "1" (established business context) or "2" (recourse to online TTP) can be shown to be true .... then it can be shown that the certificate construct (R/O, cached stale data) is redundant and superfluous.

So TTP/CAs work when there is neither 1) established business context (typical contractual or bilateral environment) nor 2) recourse to online TTP. I've given an example of specific analysis of "2" with respect to "trusted". The business opportunity for "2" (assuming non-bilateral and/or non-contractual) can be looked at in the individual pieces:

a) recourse to online
b) trusted

The SSL domain name certificates currently exist because of the failure of "b" or "trusted". "A" or "recourse to online" ... can be because the implementation just doesn't exist .... or the operation in question doesn't business justify an online operation.
These days with the online world starting to penetrate every nook & cranny .... the idea that "online frequently doesn't exist" is typically associated with the business idea that it isn't cost justified. With the continued cost reductions related to online, this niche is becoming smaller and smaller. An assertion is that "recourse to online" can frequently be simplified as not cost justified. The associated implication of not being cost justified also implies low value operations. Again the problem for a TTP/CA trying to sell certificates into a low value or no value market niche is that a viable business plan is difficult to create.

"Anders Rundgren" <anders.rundgren@telia.com>
12/10/2002 04:56 AM
To: <[EMAIL PROTECTED]>, "internet-payments" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
cc:
Subject: Re: First Data Unit Says It's Untangling Authentication

Lynn,

You must join the new OASIS PKI TC that is trying to address why PKI has failed.

Note: I don't share your view that TTPs are useless, as entire societies are built on "TTPs". I.e. governments. Hopefully CAs can do better than governments as the former's tasks are better defined and very limited.

Note also that FirstData's system as well as AADS have a rather limited scope with respect to transactions. For B2B-messaging in general, AADS falls short as AADS is only suitable in a bilateral relation. That does not mean that FD or AADS is wrong, it is just the universality, I claim, is a bit exaggerated.
Anders

----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "internet-payments" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, December 09, 2002 21:37
Subject: First Data Unit Says It's Untangling Authentication

cross-post thread from another mailing list:
http://www.garlic.com/~lynn/aadsm12.htm#50 Frist Data Unit Says It's Untangling Authentication
http://www.garlic.com/~lynn/aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication

and somewhat related thread in sci.crypt ng:
http://www.garlic.com/~lynn/2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#10 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#11 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#12 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#17 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#18 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#19 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#20 Cirtificate Authorities 'CAs', how curruptable are they to
http://www.garlic.com/~lynn/2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to
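The distinction the thread above turns on, a certificate as a read-only cached entry whose integrity is protected cryptographically but whose currency is not, versus a live lookup against the online authoritative source, can be made concrete in code. The following is an added example written for this page; it is not Lynn's or Anders's code and not part of AADS or any CA software. It uses an HMAC under a constructed key as a stand-in for the CA's signature and an in-memory dictionary as a stand-in for the domain name registry; both are assumptions made for illustration, as are the domain name, fingerprints and logical timestamps.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, replace

# Assumption: an HMAC key stands in for the CA's signing key. A real CA uses a
# public-key signature, but the property that matters here is the same: the
# check proves the entry came from the CA unmodified, not that it is still true.
CA_KEY = b"constructed-ca-key-for-illustration-only"


@dataclass(frozen=True)
class Certificate:
    """Stand-in for an SSL domain name certificate: a read-only cached copy
    of (domain, key fingerprint) as the CA saw it at issuance time."""
    domain: str
    key_fingerprint: str
    not_before: int   # constructed logical clock, not real time
    not_after: int
    signature: str = ""

    def payload(self) -> bytes:
        body = {"domain": self.domain, "fp": self.key_fingerprint,
                "nb": self.not_before, "na": self.not_after}
        return json.dumps(body, sort_keys=True).encode()


def sign(payload: bytes) -> str:
    return hmac.new(CA_KEY, payload, hashlib.sha256).hexdigest()


def issue(registry: dict, domain: str, now: int, lifetime: int = 365) -> Certificate:
    """The CA validates the applicant against the same online registry that
    the certificate is later used as a substitute for, then freezes that
    observation into a signed entry."""
    unsigned = Certificate(domain, registry[domain], now, now + lifetime)
    return replace(unsigned, signature=sign(unsigned.payload()))


def verify_offline(cert: Certificate, now: int) -> bool:
    """Relying-party check with no network: integrity and validity window only.
    This is all a cached entry can offer on its own."""
    intact = hmac.compare_digest(sign(cert.payload()), cert.signature)
    return intact and cert.not_before <= now < cert.not_after


def verify_online(cert: Certificate, registry: dict, now: int) -> bool:
    """Same check plus a fresh lookup against the authoritative source.
    Once this lookup is available and trusted, the cached entry adds nothing."""
    return verify_offline(cert, now) and registry.get(cert.domain) == cert.key_fingerprint


def demo() -> dict:
    # Constructed registry state: one domain owned by the key with fingerprint fp-alice.
    registry = {"example.test": "fp-alice"}
    cert = issue(registry, "example.test", now=0)

    results = {}
    # Day 10: nothing has changed; offline and online agree.
    results["fresh"] = (verify_offline(cert, 10), verify_online(cert, registry, 10))

    # Day 20: the domain changes hands (or the key is compromised) after issuance.
    # The cached entry is still intact and unexpired, so the offline check passes.
    registry["example.test"] = "fp-bob"
    results["stale"] = (verify_offline(cert, 20), verify_online(cert, registry, 20))

    # Integrity still holds: editing the cached entry is detected.
    forged = replace(cert, key_fingerprint="fp-bob")
    results["forged"] = (verify_offline(forged, 20), verify_online(forged, registry, 20))

    # Day 400: expiry is the only staleness bound the offline check enforces.
    results["expired"] = (verify_offline(cert, 400), verify_online(cert, registry, 400))
    return results


if __name__ == "__main__":
    for case, (offline, online) in demo().items():
        print(f"{case:8s} offline={offline!s:5s} online={online}")
```

The "stale" case is the one the thread is about: the signature still verifies and the validity window is still open, so a relying party with no recourse to the online source accepts a binding that the authoritative source no longer backs. The moment `verify_online` is possible and its source is trusted, `verify_offline` contributes nothing beyond what the lookup already establishes, which is the redundancy argument in the message above.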