On 07/31/2010 08:37 PM, Jeffrey I. Schiller wrote:
In general I agree with you, in particular when the task at hand is authenticating individuals (or more to the point, Joe Sixpack). However the use case of certificates for websites has worked out pretty well (from a purely practical standpoint). The site owner has to protect their key, because as you say, revocation is pretty much non-existent.
The publicity campaign for SSL digital certificates and why consumers should feel good about them was major reason that long & ago and far away, I coined the term "merchant comfort" certificates. Part of what was recognized by the x9a10 financial standard working group (and the resulting x9.59 financial standard) was that relying on the merchant (and/or the transaction processor) to provide major integrity protection for financial transactions ... is placing the responsibility on the entities with the least financial interest ... the "security proportional to risk" scenario (where largest percentage of exploits occur in the current infrastructure ... including data breaches) The payment current paradigm has the merchant financial interest in the transaction information is the profit on the transaction ... which can be a couple dollars (and transaction processor profit can be a couple cents on the transaction). By comparison (in the current paradigm), the crooks financial motivation in the transaction information is the account credit limit (or account balance) which can be several hundred to several thousand dollars ... as a result, the crooks attacking the system, can frequently afford to outspend the defenders by two orders of magnitude (or more). The majority of fraud (in the current infrastructure) also contributed to retailers having significant "fraud" surcharges onto their interchange fees. Past crypto mailing list threads have discussed that financial infrastructures make a significant percent of their profit/bottom-line from these "fraud surcharges" (large US issuing financial institutions having made 40-60% of their bottom line from these fees) ... with interchange fee "fraud surcharges" for highest risk transactions being order-of-magnitude or more larger than for lowest risk transactions. The work on x9.59 financial standard recognized this dichotomy and slightly tweaked the paradigm ... eliminating knowledge of account number and/or information from previous transactions as a risk. This would significantly decrease the fraud for all x9.59 transactions in the world (i.e. the x9a10 financial standard working group had been given the requirement to preserve the integrity of the financial infrastructure for *ALL* retail payments; point-of-sale, face-to-face, unattended, internet, debit, credit, stored-value, high-value, low-value, transit turnstyle, cardholder-not-present; aka *ALL*). As a result, it also eliminates the major use of SSL in the world today ... hiding financial transaction information. It also eliminates other kinds of risks from things like data breaches (didn't eliminate data breaches, but eliminated the motivation behind the majority of breaches in the world today, being able to use the information for fraudulent financial transaction). The downside, is with the elimination of all that fraud ... it eliminates the majority of "fraud surcharge" from interchange fees ... and potentially cuts the "interchange fee" bottom line for large issuing institutions from 40-60% to possibly 4-6%. It sort of could be viewed as commoditizing payment transaction. A decade ago, there were a number of "secure" payment transaction products floated for the internet ... with significant upfront merchant interest ... assuming that the associated transactions would have significant lower interchange fees (because of the elimination of "fraud" surcharge). Then things went thru a period of "cognitive dissonance" when financial institutions tried to explain why these transactions should have a higher interchange fee ... than the highest "fraud surchange" interchange fees. The severity of the "cognitive dissonance" between the merchants and the financial institutions over whether "secure" payment transactions products should result in higher fees or lower fees contributed significantly to the products not being deployed. -- virtualization experience starting Jan1968, online at home since Mar1970 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com