PKI: The terrorists' secret weapon (part II)

Anne & Lynn Wheeler lynn at garlic.com
Wed Mar 14 15:03:09 EDT 2007


re:
http://www.garlic.com/~lynn/aadsm26.htm#40 PKI: The terrorists' secret weapon

so the other way of thinking about the "I" in PKI is that basically PK is an Authentication
mechanism, the "I" frequently stands for attempting to move upstream in the value-chain 
revenue flow to Identification.

several issues:

1) emulation of the credential/certificate/license paradigm from the offline world 
(like letters of credit/introduction) is net positive when there is no other avenue 
for providing the necessary information. it can quickly become redundant and superfluous 
in any move into the online world.

2) PKI perceived value supposedly increased proportional to the number of attributes 
(i.e. personal information) included for an entity. however (as repeatedly mentioned) this
has tended to run into serious privacy concerns. in some quarters rather than value
increasing with the amount of personal information included ... the value increases
as the amount of personal information goes to zero

3) in numerous business processes, having online, real-time information ... tailored 
specific to the business process ... is significantly more valuable than lots of stale, 
static offline information.

4) in paradigm change to an online world, the stale, static offline information methodologies
tend to migrate into the no-value market niches ... i.e. business processes that can't
justify the cost of higher-value, real-time information. being moved into no-value market
niches tends to create conflicts with objectives for moving upstream in the value-chain
revenue flows.

5) any significant spending on offline, low-value, stale, static information 
(credential/certificate/license) paradigm may impact funds available for high-value 
online real-time operations; aka any costs related to "I" (in PKI) should tend to
zero ... at the same time the associated (personal, identification) information tends
to zero.

lots of past posts about purely PK Authentication operation w/o needing any
stale, static, redundant and superfluous "I" (infrastructure and/or Identification) 
operation
http://www.garlic.com/~lynn/subpubkey.html#certless

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


