Ian Grigg <[EMAIL PROTECTED]> writes: >> It's 2005, PKI doesn't work, the horse is dead. > > He's not proposing PKI, but nymous accounts. The > account is the asset, the key is the owner;
Actually, I wasn't proposing that. I was just proposing that a private key be the authenticator for payment card transactions, instead of the [name, card number, expiration date, CVV2] tuple -- hardly a revolutionary idea. You are right, though, that I do not propose that any PK_I_ be involved here -- no need for certs at all for this application. I don't claim this is a remotely original idea, by the way. I'm just flogging it again. > But, thank the heavens that we now have reached > the point where people can honestly say that PKI > is the root cause of the problem. "Root Cause of the Problem" isn't correct either. It is better to say that PKI doesn't solve many of the hard problems we have, or, in some cases, any problems -- it doesn't per se cause any problems, or at least not many. This is not a "new realization" -- this goes back a long way. People were saying PKI was a bad idea a decade ago or more. A number of the people here, including me, gave talks on that subject years ago. I spoke against PKI during the debate I was invited to at the Usenix Electronic Commerce Workshop in 1998 or so, and at many opportunities before and since. Dan Geer has a pretty famous screed on the subject. Peter Gutmann talks about the follies of X.509 so often it is hard to keep up. I don't mean to single us out as visionaries -- we were just saying things lots of other people were also saying. Honestly, where have you been? > Can you now tell the browser people? I can smell the rest of this discussion right now, Ian. You'll misunderstand the constraints the browser people are under, and start claiming SSL is bad (or unnecessary) about 20 seconds after that. I'm not playing the game. Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]