CFP: PKI research workshop

Ray Dillinger bear at
Fri Dec 28 16:29:04 EST 2001

On Thu, 27 Dec 2001 lynn.wheeler at wrote:

>given that authentication is being performed as part of some business
>process or function ...  then it is normally trivial to show it is easier
>to have authentication (even digital signature authentication) integrated
>into such business processes .... and correspondingly easy to show that
>certificate-based operations are redundant, superfulous and extraneous
>(modulo the issue of toy demos are cheaper than modifying production
>business operations).

The only case in which the PKI solution is not redundant is in
offline clearing.  But getting your point-of-transaction online
is easier than paying attention to PKI.

I happen to like offline clearing -- it opens up the possibility of
new transaction types and doing transactions in places you couldn't
before.  But the practical issue is, everybody who's interested in
electronic transactions of any kind is also interested in getting
online, and when PKI's were deployed in "developing" areas (south
africa) they got dumped just as soon as the area was developed
enough for communications to support online clearing.

On the principle of people refusing to adopt something until
it relieves pain, maybe we won't see a real PKI deployed until
we need to serve markets where speed-of-light delays make online
clearing impractical.

Mars, for example, is 3 to 22 light-minutes away.  I don't imagine
someone using an ATM on Mars is going to want to wait 12 to 88
minutes for online clearing (more if the protocol is talky or the
bandwidth is busy...).  So a martian colony might be the first
practical application of PKI and/or digital cash, assuming the
colonists want to do business with Earth companies.  But a colony
looks pretty distant right now: we haven't even got an outpost
there yet.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list