CFP: PKI research workshop

[Arnold G. Reinhold]

At 12:09 PM -0500 1/14/02, John S. Denker wrote:
>...
>Returning to PKI in particular and software defects in
>particular:  Let's not make this a Right-versus-Wrong
>issue.  There are intricate and subtle issues here.
>Most of these issues are negotiable.
>
>In particular, you can presumably get somebody to insure
>your whole operation, for a price.  In the grand scheme
>of things, it doesn't matter very much whether you (the
>PKI buyer/user) obtain the insurance directly, or whether
>the other party (the PKI maker/vendor) obtains the insurance
>and passes the cost on to you.  The insurer doesn't much
>care; the risk is about the same either way.
>

The point is that the risks are not the same. A CA can lower the cost 
of insurance it sells by taking additional precautions to reduce 
risk.  The CA is also in a better position to estimate the true 
premium. A third party has to charge a very high premium since it is 
in a poorer position to make an accurate assessment of the risk.

There would be a way for third parties to reduce their risk if some 
simple mechanism existed for independent verification of 
certificates. I once proposed that all PGP users display a small card 
containing their key fingerprint in a window near their front door. 
The corporate equivalent would be for organizations to display a hash 
of a master signing key in their main and branch lobbies. Anyone 
could then verify this key if they wanted to. There might be a bounty 
for discovering any irregularity. A network of certificate insurers 
might develop who would go from office to office recording 
fingerprints  and then selling lists by subscription along with a 
guarantee of reimbursement for damages up to a certain amount if any 
of their data were incorrect.

Arnold Reinhold



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com