I believe the reason that certificates were "invented" was to provide a basis for trust between parties that had no prior relationship in an offline environment .... aka the letters of credit analogy from the days of sailing ships and before telephone & telegraph. These were the days of offline email when you would connect to the local POP and download your email and then hang up. It was then necessary to authenticate the sender of email in situations where you had no prior knowledge/relationship with the sender.
Note that early on we coined the term "certificate manufacturing" to distinguish the SSL environment from PKI. Straight "certificate manufacturing" operation was somewhat simpler than a real service operation.

[EMAIL PROTECTED] on 5/29/2002 8:49 am wrote:

The reason that certificates were "invented" was that new applications for public key cryptography emerged where "a priori" knowledge of public keys could not be assumed. Secure email is a classic example of an application where there is a need to exchange public keys between parties where there is no prior knowledge of the other party's keys. SSL web sessions represent another such application as do some payment applications (e.g., the FSTC eCheck initiative). I should also acknowledge that different approaches for creating public key certificate-like structures do exist, along with different trust models.

The danger in continuing to flog the "dead" PKI horse is that it further deflects attention away from the more relevant problems of inadequate commercial solutions for any of the critical security problems confronted by individuals, businesses and governments. The ongoing debates surrounding authentication services serve to sharply illustrate just how little progress has been made. Furthermore, the current climate continues to promote a contentious atmosphere with bitter competitive rivalries and conflicting priorities undermining many efforts to make forward progress.

To my earlier point, our current definition of PKI should be viewed more as a path that is no longer going anywhere useful. The options are to:

* backtrack to some earlier stage of development and start anew,
* somehow switch onto another path that shows greater promise,
* or pick a new direction and take advantage of what progress has already been achieved.

Each of these options has its advocates, but I'll admit that I tend to favor the latter option on pragmatic grounds.
What is even more important, however, is to focus on the critical needs for effective security measures that can be widely deployed and adopted, and that can evolve rapidly to confront an array of new threats. Let's be honest, the security of payment transactions today is far worse than it was a decade ago. This is due to the failure to improve security measures for payment transactions, while broader information dissemination and new technologies have enabled an array of new threats with corresponding risks. Put differently, the "moral hazards" embedded in our current payments infrastructure are of historic proportions, and the trends are not looking healthy right now.

Therefore, debating the "death of PKI" is a distraction that deflects attention from the true problems. It is high time we focus on better ways to mitigate the security risks associated with both legacy and new payment transaction services. The need for public key infrastructure to support new security measures can then be defined rationally based on real requirements instead of impossible or conflicting objectives. My personal suspicion is that the eventual solutions will have aspects of many of the current models, but without so much baggage.

Does this make sense?

Regards...

--
...Chuck Wade
Consultant, Internet Security and Financial Services
+1 508 625-1137 Office Phone/Voice Mail
+1 309 422-9871 Fax Service