[EMAIL PROTECTED] (Peter Gutmann) writes: > Actually I have recently run into a situation that isn't always-on, > it's remote data sensing, which involves hauling a laptop out to > various isolated locations and then sending the results in from a > hotel room at night. I'm not exactly sure what the benefit of > carrying a CRL around with you as opposed to just rejecting the data > when it's submitted that evening is, you could also just carry > around a list of remote sites whose keys you don't trust any more > rather than a CRL. > > Anyway, it seems like a lot of effort to be maitaining a whole PKI > model just for special-case situations like this.
from the late 90s ... truth is stranger than fiction. a large institution was looking at converting their customer base from shared-secret authentication to public key authentication. what they were to do was to upgrade their software software to handle public keys and register public keys for all of their clients. then there were to ship their master client account file off to a TTP CA, which would munge and reformat the bits in the account records and generate a digital certificate for each account record, appropriately digitally signed (selectively leaving out many bits and fields because of privacy concerns). for this re-formating of each account record and the CA's digital signature ... the instituttion would only be charged $100/annum for every account record processed (well in excess of $1b US). the institution would then distribute the resulting certificates to each of their clients so that in the future ... the clients could create a electronic message and digitally sign it. The client would package the electronic message, the digital signature and the ($100/annum) digital certificate and send it off to the institution. The institution would receive the transmission, pull the account number from the message, and retrieve the appropriate account record, validating the digital signature with the onfile public key (from the account record). They then could disregard the stale, static, stunted, abbreviated, redundant and superfluous ($100/annum) digital certificate and continue processing the message. executives eventually scrapped the project before they actually got into sending off the master account file. -- Anne & Lynn Wheeler | http://www.garlic.com/~lynn/ _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
