On Wed, Jul 28, 2010 at 10:05:22AM -0400, Perry E. Metzger wrote: > PKI was invented by Loren Kohnfelder for his bachelor's degree thesis > at MIT. It was certainly a fine undergraduate paper, but I think we > should forget about it, the way we forget about most undergraduate > papers.
PKI alone is certainly not the answer to all our problems. Infrastructure (whether of a pk variety or otherwise) and transitive trust probably have to be part of the answer for scalability reasons, even if transitive trust is a distasteful concept. However, we need to be able to build direct trust relationships, otherwise we'll just have a house of transitive trust cards. Again, think of the the SSH leap-of- faith and "SSL pinning" concepts, but don't constrain yourselves purely to pk technology. Nico -- --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
