Before going too much further down this path, it's useful to think about
what CAs are actually needed for, and what certificates are actually needed
for - certificates like those discussed below don't seem to match any
existing requirements.
Right now, CAs like Verisign and Thawte certify that a certain
cryptographic key is possessed by the same people who have the right to use
a particular name in a distinct geographic location. End-users depend on
other services - the court system, which polices trademark namespace
collisions (with the help of aggrieved plaintiffs), and the DNS system,
which correlates the names to IP addresses for machines which use the keys
discussed above - in order to get a working system.
Efforts to find other uses for x.509 certs across organizational boundaries
haven't been especially successful; Verisign tried to sell personal certs,
but my impression is that this business line has been deprecated or
abandoned. Thawte has a personal cert project (in fact, I participate in it
as a "notary"), but its actual utility is unclear. (I think it's a neat
demonstration/experiment, but don't know of anyone who's using it for
anything important).
In particular, the server certificate model discussed above won't translate
well to personal certs, because we accept namespace collisions for personal
names. Thawte's solution to that has been to tie their personal certs to
unique numbers, not names; that makes collisions less likely, but makes
them harder to detect, as there's no way for me to find out whether or not
someone else is using one of my numbers. (They seem to accept drivers'
license numbers, US social security numbers, passport numbers, and perhaps
more. I've only notarized US people's identities, so haven't had firsthand
experience with foreign documents.) Also, there's no judicial enforcement
mechanism available when a namespace collision occurs - if someone uses my
trademark, the process for making them stop is well-documented, if
expensive. If someone else is using my social security number, my only
effective recourse is to try to get the police interested in investigating
that, and it's quite possible that they won't understand my complaint, or
won't consider it important.
So, apropos the discussion of creating an alternative to VeriThawte -
perhaps a good first step would be replicating what they already do. A next
step might be understanding what value they're providing, and who it's
being provided to, and by what means, and examining whether or not that
goal can be reached by more efficient or otherwise better means.
Further, it might be useful to elaborate more fully the notion of "trusting
government" with respect to identification - I'm not sure that people trust
the government to do things correctly so much as they believe that the
government's judicial system will accept the government's identification
system as convincing proof of authority, or acceptance of the government's
identification system as a reasonable and sufficient exercise of care in
the conduct of one's business. Traditional familial or affinity-based
identifications are much more reliable, when they're available - but they
don't necessarily enjoy the same presumption of validity in a bureacratic
system that the bureacracy's own documents do, which leads to a preference
for less accurate identifications which have a lower risk of negative
consequences.
That level of trust - or that fear of negative consequences - may or may
not be true in any given transaction, which modifies or eliminates the need
for insurance or complicated CPS statements. If a CA and the actors who
rely upon it are within the same organizational boundary, it's unlikely
that their interests will diverge such that a serious dispute will occur;
and if a dispute is unlikely or impossible, it's not so important to
prepare for its negative consequences.
The complicated and peculiar thing about the existing business of running a
CA is that the people who depend on the accuracy of the CA's statements
aren't the ones who are paying the CA, nor do they have a traditional
contract or agreement with the CA. Either they're in a position of relying
upon someone who owes them no duty (which means that the services provided
may be of dubious reliability), or a duty is created on the part of a third
party who isn't being paid directly for that obligation .. so it's
difficult to provide a good service priced appropriately. Current
extra-organizational or public CA's have found a solution which is an ugly
hack - they charge a single flat fee (or one of a few tiered fees) to
another party to a different transaction, and then try to limit their
obligations by using a non-negotiated (and, to a lay audience, mostly
incomprehensible) certification practice statement (CPS).
While this allows CA's to collect money and limit their liability, it also
limits (or eliminates) their utility to the people who want or need to rely
on their services - not the operators of web servers (who pay the bills),
but the operators of web browsers, who want to be assured that they're
communicating with the people they think they are.
At 07:29 AM 12/23/99 , Creed Millman wrote:
>Real-To: Creed Millman <[EMAIL PROTECTED]>
>
>What if each country's government were to act as CAs? To me this seems the
>most logical solution. They already issue passports, driver's licenses,
>etc., - why not digital certificates? This would also tie in well with
>Massimiliano Pala's vision: "Indeed I see certificates to be like ID cards:
>you can sign contracts, get married or vote using a digital ID certificate."
>I feel that the government is the only entity that people would trust enough
>to put the entire infrastructure into place.
--
Greg Broiles
[EMAIL PROTECTED]
PGP: 0x26E4488C
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
