<RANT-PET_PEEVE>Why do cryptography folks equate PKI with
certificates and CAs? This fallacy is a major "root cause" of the
problem IHO. Why was the term "PKI" invented in the late 70s/early
80s (Kohnfelder's thesis?)?. Before the invention of asymmetric
cryptography, didn't those people who used symmetric cryptography
need an SKI (secret key infrastructure) to manage keys? But no one
uses the term SKI or talks about how to manage secret keys (a very
hard problem). Anytime you use any type of cryptography, you need an
"infrastructure" (<http://en.wikipedia.org/wiki/Infrastructure>) to
manage your keys, whether secret or public. There are at least two
public key infrastructures that do NOT require CAs: PGP and SPKI. But
like in so many real life cases, the best technology does not always
win and we are stuck with the system that garnered the most business/
economic support.</RANT-PET_PEEVE>
Respectfully,
Aram Perez
On Jul 14, 2005, at 6:19 AM, Perry E. Metzger wrote:
Ian Grigg <[EMAIL PROTECTED]> writes:
It's 2005, PKI doesn't work, the horse is dead.
He's not proposing PKI, but nymous accounts. The
account is the asset, the key is the owner;
Actually, I wasn't proposing that. I was just proposing that a private
key be the authenticator for payment card transactions, instead of the
[name, card number, expiration date, CVV2] tuple -- hardly a
revolutionary idea. You are right, though, that I do not propose that
any PK_I_ be involved here -- no need for certs at all for this
application.
I don't claim this is a remotely original idea, by the way. I'm just
flogging it again.
But, thank the heavens that we now have reached
the point where people can honestly say that PKI
is the root cause of the problem.
"Root Cause of the Problem" isn't correct either. It is better to say
that PKI doesn't solve many of the hard problems we have, or, in some
cases, any problems -- it doesn't per se cause any problems, or at
least not many.
This is not a "new realization" -- this goes back a long way.
People were saying PKI was a bad idea a decade ago or more. A number
of the people here, including me, gave talks on that subject years
ago. I spoke against PKI during the debate I was invited to at the
Usenix Electronic Commerce Workshop in 1998 or so, and at many
opportunities before and since. Dan Geer has a pretty famous screed on
the subject. Peter Gutmann talks about the follies of X.509 so often
it is hard to keep up. I don't mean to single us out as visionaries --
we were just saying things lots of other people were also saying.
Honestly, where have you been?
Can you now tell the browser people?
I can smell the rest of this discussion right now, Ian. You'll
misunderstand the constraints the browser people are under, and start
claiming SSL is bad (or unnecessary) about 20 seconds after that. I'm
not playing the game.
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to
[EMAIL PROTECTED]
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
