Anne & Lynn Wheeler <[EMAIL PROTECTED]> writes: > > "Certificates are the only way to deal with identity in any meaningful > way," Mr. Amram said. "They will take off in a big way. But > certificates without validation are like a car without brakes." >
of course the above quote was left over from the early 90s and the x.509 identity certificates ... that by the mid-90s were in danger of being overloaded with enormous amounts of personal information .... and you were starting to see some infrastructures moving to relying-party-only certificates http://www.garlic.com/~lynn/subpubkey.html#rpo containing little more than some type of database lookup value (like account number) and the public key (as a way of dealing with the significant privacy and liability issues that go along with x.509 identity certificates containing enormous amounts of personal information). part of the issue is that most business processes have well-established and long entrenched relationship management infrastructures ... that contains detailed and real-time information about the parties that they are dealing with. in such environments it was trivial to show that the relying-party-only certificates (indexing an online relationship management infrastructure containing the real information) were redundant and superfluous. in fact, stale, static digital certificates of nearly any kind become redundant and superfluous when the business process has to deal with an established online, real-time relationship management infrastructure. the target for digital certificates, PKIs, etc ... where the offline relying parties involved in first-time communication with total strangers where they had no recourse to information about the party they were dealing with (sort of the letters-of-credit model from the sailing ship days). as the internet becomes more ubiquitous, the offlinemarket segment is rapidly disappearing. there has been some shift by PKI operations into the no-value market segment ... where the relying party can't justify the cost of an online transaction when first time interaction with strangers are involved. However, as internet becomes more and more ubiquitous, the cost of using the internet for online operations is also rapidly dropping ... creating an enormous squeeze on even the no-value market segments. -- Anne & Lynn Wheeler | http://www.garlic.com/~lynn/ _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
