Eric Murray <[EMAIL PROTECTED]> writes:

>Too often people see something like Peter's statement above and say "oh, it's
>that nasty ASN.1 in X.509 that is the problem, so we'll just do it in XML
>instead and then it'll work fine" which is simply not true. The formatting of
>the certificates is such a minor issue that it is lost in the noise of the
>real problems.  And Peter publishes a fine tool for printing ASN.1, so the
>"human readable" argument is moot.
>Note that there isn't a real running global PKI using SPKI or PGP either.

A debate topic I've thought of occasionally in the last year or two: If
digital signatures had never been invented, would we now be happily using
passwords, SecurIDs, challenge-response tokens, etc etc to do whatever we need
rather than having spent the last 20-odd years fruitlessly chasing the PKI
dream?  There was some interesting work being done on non-PKI solutions to
problems in the 1970s before it all got drowned out by PKI, but most of it
seems to have stagnated since then outside a few niche areas like wholesale
banking, where it seems to work reasonably well.

(Hmm, now *that* would make an interesting panel session for the next RSA


Reply via email to