X.509 / PKI, PGP, and IBE Secure Email Technologies
James A. Donald
jamesd at echeque.com
Sun Dec 11 14:22:52 EST 2005
--
From: Anne & Lynn Wheeler <lynn at garlic.com>
> drastically improving the useability of the interface
> to the trusted public key repositories could be viewed
> as having two downsides 1) certification authorities
> that haven't payed to have their public keys preloaded
> can more easily join the club, 2) the pgp-like
> scenario becames much easier, potentially drastically
> reducing existing reliance on the
> digital-certificate-only (and certification authority
> only business process) digital-signed-operation model.
I would state the same thing differently: That the
revenue model is based on sprinkling holy water over
communications, rather than actually providing security.
Hence the proposal to address phishing by providing
higher priced grades of holy water.
Public keys are relevant to the problem of decentralized
reputation management. For relationship management,
shared secrets are better. At present, the only widely
applied reputation management software is that possessed
by Ebay - which uses centralized reputation management
software, so that it can charge people a fee for making
use of their own reputations, and thus has no inherent
need or desire for public keys.
After all these years, we still do not have a good fit
between the capabilities of the technology, the
usability of the interface, and the problems people need
solved.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
X1okruQ3BE+qbWjk1b7CgXMbsiKNhvf5oMKDgR71
4cxizGKqHfxeifgKTUEvpkLYq7wSgzAckTy2yLzQ8
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list