Re: PKI: The terrorists' secret weapon (part II)

Wed, 14 Mar 2007 11:54:52 -0800 

re:
http://www.garlic.com/~lynn/aadsm26.htm#40 PKI: The terrorists' secret weapon

so the other way of thinking about the "I" in PKI is that basically PK is an 
Authentication
mechanism, the "I" frequently stands for attempting to move upstream in the value-chain revenue flow to Identification. 

several issues:
1) emulation of the credential/certificate/license paradigm from the offline world (like letters of credit/introduction) is net positive when there is no other avenue for providing the necessary information. it can quickly become redundant and superfluous in any move into the online world.
2) PKI perceived value supposedly increased proportional to the number of attributes (i.e. personal information) included for an entity. however (as repeatedly mention) this 
has tended to run into serious privacy concerns. in some quarters rather than 
value
increasing with the amount of personal information included ... the value 
increases
as the amount of personal information goes to zero
3) in numerous business processes, having online, real-time information ... tailored specific to the business process ... is significantly more valuable than lots of stale, static offline information. 

4) in paradigm change to an online world, the stale, static offline information 
methodologies
tend to migrate into the no-value market niches ... i.e. business processes 
that can't
justify the cost of higher-value, real-time information. being moved into 
no-value market
niches tends to create conflicts with objectives for moving upstream in the 
value-chain
revenue flows.
5) any significant spending on offline, low-value, stale, static information (credential/certificate/license) paradigm may impact funds available for high-value online real-time operations; aka any costs related to "I" (in PKI) should tend to 
zero ... at the same time the associated (personal, identification) information 
tends
to zero.

lots of past posts about purely PK Authentication operation w/o needing any
stale, static, redundant and superfluous "I" (infrastructure and/or Identification) operation 
http://www.garlic.com/~lynn/subpubkey.html#certless

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to