The summer of PKI love
Stephan Neuhaus
neuhaus at st.cs.uni-sb.de
Fri Aug 12 03:19:08 EDT 2005
Anne & Lynn Wheeler wrote:
> http://www.infoworld.com/article/05/08/10/33OPstrategic_1.html
The page goes on to say:
"One reason for PKI's slow uptake has been the lack of two kinds of
portability. It hasn't been easy to move cryptographic keys from one
machine to another, or to use credentials issued by one institution at
another. But as we learned at the summit, there's been progress on both
fronts."
If I remember correctly, portability is not necessarily a thing to
strive for here, because it means that not only your certificates will
be transported from A to B, but also the corresponding private
information will have a tendency to leak all over the place.
Also, cross-certification (mentioned later in the article) is probably
hard to do right because it is an extension of trust that needs to be
carefully managed, if it can be done at all.
So, the optimism of the article's author aside, where *do* we stand on
PKI deployment?
Fun,
Stephan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: neuhaus.vcf
Type: text/x-vcard
Size: 394 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20050812/735ac095/attachment.vcf>
More information about the cryptography
mailing list