Failure of PKI in messaging
James A. Donald
jamesd at echeque.com
Thu Feb 15 17:41:05 EST 2007
--
Ed Gerck wrote:
> That's not banking. Banks and their clients already
> have a trusted relationship. The banks webmail
> interface leverages this to provide a trust reference
> that the user can easily verify (yes, this is my name
> and balance). That's why it works, and that's what is
> missing in the bank PKI email model -- what's that
> relationship buying you?
>
> Email for banks should thus leverage the relationship,
> rather than present an ab initio communication.
Hence my proposal for a single sign on and messaging
system resembling IM buddy lists - the computer tracks
relationship information, rather than true name
information.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
NMb/3lhm5wj1jn9bea0UJsViLkPWzA2jR+GCOgFV
4WdwEv3Qp46Bt5AR7KTqFUUnJqu7E/XHnkKfJ2t/D
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list