CFP: PKI research workshop

lynn.wheeler at lynn.wheeler at
Sun Dec 30 18:42:17 EST 2001

another aspect that overlaps PKIs and quality is the difference between
"application" code and "service" code .... turning an application into a
service can be hard .... possibly writing 4-10 times as much code as in the
base application infrastructure .... and very high-quality code ....
dealing with potentially very complex failure modes. Related thread
("buffer overflow") has been running in the sci.crypt newsgroups. ....
also an older thread regarding "assurance" in application and digital
lynn.wheeler at at 12/29/2001 3:22 pm wrote:

Now, an interesting thing might be regarding rapid uptake of general
security. One could contend that the majority of the market believes that good,
strong security should be an attribute of the basic infrastructure ...
somewhat like the issue of automobile quality in the '70s, not going to pay
any more for it ... but would migrate to a manufacturer that had
significantly better quality. You then have the 1) vendors that don't see
quality as worthwhile since they won't be able to charge more 2) new
vendors that would like to sell "quality" as a stand-alone attribute ...
not actually having to manufacture automobiles .... but somehow convince
customers that they can sell quality independent of any product, and 3)
vendors that feel that they can eventually gain market share by providing
better quality.

Substitute "security" and/or "PKI" in place of "quality".

Part of the issue is that security (and strong authentication) should be an
attribute of the basic infrastructure ... not something that exists by
itself in a vacuum.

