Can we copy trust?

Anne & Lynn Wheeler lynn at garlic.com
Mon Jun 2 22:29:50 EDT 2008


Bill Frantz wrote:
> really used for strangers. For people we know, recognition and
> memory are more compelling ways of trusting.
>
> We can use this recognition and memory in the online world as well.
> SSH automatically recognizes previously used hosts. Programs such
> as the Pet Names Tool<http://www.waterken.com/user/PetnameTool/>
> recognize public keys used by web sites, and provide us with a
> human-recognizable name so we can remember our previous
> interactions with that web site. Once we can securely recognize a
> site, we can form our own trust decisions, without the necessity of
> involving third parties.
>    

that was one of the business case problems early in SSL for
electronic commerce ... namely majority of ecommerce was
with repeat sites ... while design point of digital certificates
is for first time communication between strangers.

the other factor that bounded what merchants would pay
was liability in electronic commerce ... there were already
paying significant interchange fees as part of protecting
the consumer. certification authorities weren't looking
at taking on any of that aspect.

the combination has been pushing digital certificates
into the no-value market segment ... which, in turn,
further limits what would could be charged for.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list