Re: invoicing with PKI

2003-09-03 Thread James A. Donald
-- On 1 Sep 2003 at 12:23, Ian Grigg wrote: I suspect the widest use of public key crypto in a non-PKI context would be SSH, which opportunistically generates keys rather than invite the user to fund a PKI. According to this page [1], there may or may not be 2,400k SSH servers This of

Re: invoicing with PKI

2003-09-03 Thread James A. Donald
-- On 1 Sep 2003 at 19:17, Hadmut Danisch wrote: Is cryptography where security took the wrong branch? True names is where security took the wrong branch. The entire PKI structure has been rejected. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: invoicing with PKI

2003-09-03 Thread Ian Grigg
Peter Gutmann wrote: Hadmut Danisch [EMAIL PROTECTED] writes: There was an interesting speech held on the Usenix conference by Eric Rescorla (http://www.rtfm.com/TooSecure-usenix.pdf, unfortunately I did not have the time to visit the conference) about cryptographic (real world) protocols

Re: invoicing with PKI

2003-09-03 Thread Peter Gutmann
Peter Gutmann wrote: It's no less secure than what's being done now, and since you can make it completely invisible to the user at least it'll get used. If all new MTA releases automatically generated a self-signed cert and enabled STARTTLS, we'd see opportunistic email encryption adopted at a

Re: invoicing with PKI

2003-09-03 Thread Anne Lynn Wheeler
At 11:41 PM 9/2/2003 -0700, James A. Donald wrote: True names is where security took the wrong branch. The entire PKI structure has been rejected. x.509 identity certificates are business processes ... not a cryptography process. as I've mentioned elsewhere many of the institutions that looked

Re: invoicing with PKI

2003-09-02 Thread Ian Grigg
(Things seem quiet on the crypto front, here's a late reply.) Hadmut Danisch wrote: Hi, On Thu, Jul 17, 2003 at 04:27:52PM -0400, Ian Grigg wrote: Does anyone know any instances of invoicing and contracting systems that use PKI and digital orders? That is, purchasing departments and

Re: invoicing with PKI

2003-09-02 Thread Hadmut Danisch
On Mon, Sep 01, 2003 at 12:23:28PM -0400, Ian Grigg wrote: The dream of PKI seems to revolve around these major areas: 1. invoicing, contracting - no known instances 2. authentication and authorisation - SSL client side certs deployed within organisations. 3. payments 4.

Re: invoicing with PKI

2003-09-02 Thread Anne Lynn Wheeler
At 12:23 PM 9/1/2003 -0400, Ian Grigg wrote: 1. invoicing, contracting - no known instances 2. authentication and authorisation - SSL client side certs deployed within organisations. 3. payments 4. channel security (SSL) 5. email (OpenPGP, S/MIME) somewhat related thread in