I've suspected that the pricing was set along a line of thinking that goes like this...
1) Workgroup and departmental networking managed to charge $100-$150 / yr / user in exchange for making user administration, file and print share access control management and other related identity management functions (email) "easy" for Windows users. That price model was successfully set back in the NetWare 3 and 4 days, and has continued pretty much to the current day. It made sense because managing user accounts and user desktops is really, really expensive in terms of personnel costs.

2) PKI vendors looked at that and must have said - gee, if we can get $100-$150/yr/user for managing identity around PKI certificates, why shouldn't we? And so they tried. Some of their offerings, securing VPNs, b2b file transfers, etc., were good, but things like S/MIME (really just updated PEM) still aren't worth it, given how difficult it STILL is, even with ubiquitous directories, to manage individual cert lifecycles for users when personnel turnover approaches 30% per year.

3) The standards groups, PKIX in particular, still haven't addressed the cert life cycle management issues, and neither has the marketplace, in any coherent, interoperable fashion - they've got their hands full getting simple things like LDAP storage of certs working right, and are more interested in computing trust across arbitrarily long chains of root CA cross certifications (bridges).

4) The PKI vendors' IPOs were based on the $100-$150/yr/user business model.

5) Because of #3, customers wouldn't pay, resulting in the "shakeout" in the industry.

6) New markets for PKI, like companies who want to issue identity certs to each of their customers, or manufacturers of, say, cable set-top boxes or mobile phones, who need end-point-authenticated out-of-the-box self-registration and accountably securable connections for MILLIONS of new devices / customers per year, can't get the PKI vendors to budge on their ridiculous price points, so they look elsewhere.
After some research, it appears to me that there's a tidy little business possible for someone to break the mold. Sell PKI software the same way you sell manufacturing software - on the basis of the size and complexity of your installation and its support costs, not on the basis of the number of widgets you manufacture. Price points between $0.002 and $0.20 per cert would allow someone needing 20 million certs to buy for $40K - $4M, depending on how much integration complexity they have. Add-on sales for insurance and warranty (for loss of business coverage) and high assurance operational costs they need to cover their own liability would be extra. Certs need not expire very quickly - these are identity certs that can last as long as the device / policy holder lasts, or until technology makes them obsolete. I wouldn't even price it per cert, but you've got to have the comparison available to show the difference. The point is that $1M-$4M is well within reason for many of these kinds of applications, but $100 x 20M = $2,000M isn't. To be fair, vendors in discussion for these kinds of applications appeared to be willing to "come down" to $40M or so, or about $2 per cert per year - still an order of magnitude too much. The business profits come from charging for consultant-aided integration of the key generation (where key escrow is desired) and certificate signing requests into order processing and manufacturing operations, so that chips or customer databases are populated with identity information when the device is manufactured. Registration occurs when the device comes alive and contacts its pre-configured service depot at power up to receive configuration / customer policy information customized for its use. Or when the policy holder connects to the customer portal and authenticates via password / pass phrase / policy information knowledge (the same way registration for phone access to policy information is provided today).
Using PKI in these applications is completely different from the S/MIME model, but addresses real business needs. It allows out-of-the-box strong authentication of devices at power on (assuming network connectivity). That provides for a whole new raft of delivery chain customer service and provisioning solutions that are really cumbersome, today, without PKI. For customer databases, it allows the vendor to use PKI-based authentication from portal servers into back-end systems (you really, really don't want to think about provisioning 20,000,000 consumers' browsers with personal certs, do you? Why, do you own a customer support phone bank needing work?) while supporting smart card and other stronger authentication into the same back end systems for administrators and customer support folks, with full accountability (auditability) and separation of duties based on the strengths of the authentication / cert key protection (documented by the CAs who issue the certs based on the key protection and strength mechanisms).

And note something else - this volume of cert usage is all within single companies, so there's no cross certification issue at all! It can easily be deployed under a single root CA, so if the cross certification trust routing algorithms ever progress beyond the moral equivalent of RIP (or even RIP2) you can discuss broader uses. The point is that the PKI world has ignored gigantic opportunities for deployments while chasing after what are ultimately ungrateful markets - email certs. Big companies can't go after this business, though - it's lower margin, because it's commodity-oriented, and there's still substantial investment needed to create the scalability needed in OCSP and CRL processing, just for instance. But it ought to be a nice business for someone able and willing to crack the egg and introduce a different business model altogether for PKI solutions.
I tried to interest some VCs in the approach, but it was right before and after 9/11 and people's heads were somewhere else. Anyone care to make a go of it? If we start now, we ought to have a nice little company to pay for my/our retirement in 15-20 years... 5 yr IPO exit strategists need not apply.

Ed

>>> Peter Gutmann <[EMAIL PROTECTED]> 9/25/2003 5:24:48 PM >>>
Ed Gerck <[EMAIL PROTECTED]> writes:

>PRICING STRATEGY: CAs should keep their prices high and find ways to add
>price to current products (eg, offering insurance, different certificate
>classes, benefits for CRL access, etc.) -- because the potentially difficult
>mid-term future of such business imposes the need for a large ROI in a short
>time. This is probably not a long-term business activity.

Actually there's a second aspect to this as well: Verisign's managed PKI services. The idea here is that since PKI (specifically, the X.509 PKI model) is too hard for any normal person or organisation to handle, you charge people an enormous amount of money to run their PKI for them. You end up talking to a Verisign cloud that acts as an authorisation oracle ("Is this thing OK?" - "Yep, go ahead"), although exactly why you need a PKI for this rather than (say) a basic challenge-response protocol to query the cloud is unclear (maybe it's a fashion thing, or an in-joke that no-one's let me in on).

As a moneymaking racket, it's second only to the "make the browser warning dialogs go away" one: First you create an unworkable PKI design (although Verisign didn't do that, they're just taking advantage of it), then you charge people buckets of money to run it for them (and in terms of money-earners, it leaves the $495 server certs in the dust - it's sort of like a PKI-DNS service, except that you pay 5-6 figure sums for your name/key registration).

Peter.
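The device-identity deployment Ed sketches (key generated on the manufacturing line, a CSR signed by a single company-owned root, the device authenticating to a pre-configured service depot at power up, no cross-certification anywhere) can be exercised end to end with nothing but Go's standard crypto/x509 package. The code below is an added illustration, not code from either poster; the CA and device names, the ECDSA P-256 keys, and the 15-year device cert lifetime are constructed assumptions. It also shows the depot-side check refusing a perfectly valid cert issued under some other root, which is exactly why a single-root deployment never needs the bridge trust routing Ed complains about.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Hypothetical deployment: one company-owned root CA signs a long-lived
// identity cert for every device on the manufacturing line, and the
// company's service depot trusts that single root and nothing else.

// newRootCA makes a self-signed root. The name is a constructed placeholder.
func newRootCA(name string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(20 * 365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// provisionDevice is the manufacturing-time step: generate the device key
// (on the line, where escrow is wanted), build a CSR, check proof of
// possession, and have the root sign it with a validity long enough to
// outlive the device (15 years is an assumed figure).
func provisionDevice(root *x509.Certificate, rootKey *ecdsa.PrivateKey, serial int64) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	devKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	csrDER, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{
		Subject: pkix.Name{CommonName: fmt.Sprintf("device-%d", serial)},
	}, devKey)
	if err != nil {
		return nil, nil, err
	}
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return nil, nil, err
	}
	if err := csr.CheckSignature(); err != nil { // requester really holds the key
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      csr.Subject,
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(15 * 365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, root, csr.PublicKey, rootKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, devKey, err
}

// depotAccepts is the power-up registration check: the presented cert must
// chain to the company's own root. No cross-certification is consulted, so a
// cert from any other root, however well-formed, is refused.
func depotAccepts(root, presented *x509.Certificate) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := presented.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err == nil
}

func main() {
	root, rootKey, err := newRootCA("Example Devices Root CA")
	if err != nil {
		panic(err)
	}
	dev, _, err := provisionDevice(root, rootKey, 1001)
	if err != nil {
		panic(err)
	}
	other, otherKey, _ := newRootCA("Unrelated Root CA")
	foreign, _, _ := provisionDevice(other, otherKey, 1002)
	fmt.Println("own device accepted:", depotAccepts(root, dev))
	fmt.Println("foreign device accepted:", depotAccepts(root, foreign))
}
```

In a real line the device key would be generated inside the chip (or escrowed by the manufacturer, as Ed mentions) and the CSR carried over the factory's order-processing integration rather than built in the same process; the depot would additionally consult CRL or OCSP state, which is the scalability cost Ed flags for 20 million devices.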
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]