Certificates turn 30, X.509 turns 20, no-one notices

Nicholas Bohm nbohm at ernest.net
Thu Nov 27 05:13:27 EST 2008

Peter Gutmann wrote:
> This doesn't seem to have garnered much attention, but this year marks two
> milestones in PKI: Loren Kohnfelder's thesis was published 30 years ago, and
> X.509v1 was published 20 years ago.
> As a sign of PKI's successful penetration of the marketplace, the premier get-
> together for PKI folks, the IDtrust Symposium (formerly the PKI Workshop and
> now in its eighth year) authenticates participants with... username and
> password, for lack of a working PKI.
> (OK, it's a bit of a cheap shot and it's been done before, but I thought it
> was especially significant this year :-).

I've never been quite sure whether "Public" qualifies "Key" or
"Infrastructure" - this may make a difference to what you count as a PKI.

SWIFT (interbank messaging), BOLERO (bills of lading) and CREST (dealing
in dematerialised stocks and shares) all use public key cryptography, I
believe, and have all been reasonably successful; but they are all
closed systems where each of the participants believes that it and the
others can stand the risk of contractually-imposed non-repudiation rules
(or they used to believe it, anyway).

But what these examples illustrate, by the lack of "open" comparables,
is the very limited utility of the technology.

Nicholas Bohm
Salkyns, Great Canfield, Takeley,
Bishop's Stortford CM22 6SX, UK

Phone  01279 870285    (+44 1279 870285)
Mobile  07715 419728    (+44 7715 419728)

PGP public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list