CFP: PKI research workshop

Ray Dillinger bear at
Wed Dec 26 14:31:51 EST 2001

On Wed, 26 Dec 2001, Matt Crawford wrote:

>As I never tire of saying, "PKI is the ATM of security."
>Meaning that has a certain niche relevance, but is claimed by
>proponents to be the answer to every need, and is the current magic
>word for shaking the money tree.

In fact, that may be exactly it.  PKI, as espoused by vendors,
once established, will become an indispensable monopoly, like
AT&T before the breakup. Investors love the fantasy of buying
a kajillion shares for cheap today and then having them be
shares in an indispensable monopoly next year, so they are
inclined to believe.

The problem is that none of the vendors are offering anything
that someone who has significant volume (like a financial-services
company might) cannot provide for themselves.  The FS companies
can easily wait to adopt, because the margins offered by PKI are
fairly small and the initial investment required is fairly large.
Perhaps the margins will remain too small until royalty payments
can be eliminated entirely (until any patents expire) and the
FS companies can roll their own.  Whether or not the margins
are too small, The FS companies can wait that long easily.

But the PKI vendor cannot wait.  S/he will be out of business
in three or four years if nobody adopts.  The patents will be
for sale then much cheaper than the royalty payments s/he is
offering, and the FS negotiator across the table knows it.  The
PKI vendor therefore is going to get the worst end of the deal
every time s/he goes to financial services vendors, because s/he
is not dealing from a position of strength, and had best learn
the harsh lesson sooner rather than later.

A PKI will happen, eventually, but nobody is going to get into
a position where the financial-services sector depends on them
and has to pay them.  That's as fundamental in business as the
second law of thermodynamics in physics, and chasing the dream
of becoming an indispensable monopoly to the financial services
sector promises to be as frustrating to the seekers as the quest
for a perpetual motion device.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list