In summary, Jon Callas wrote, about the challenges of ascertaining
identities:
The who who make you an authority are the community,
and they do it because you act like one.
This is just one of three models of identity assessment, prior to any
technological component:
one's reputation in a community,
one's track record of past interactions with the relying party (e.g.
account payment history), and
one's participation in a formal ceremony (e.g. applying for a passport).
The PGP vs PKI analysis puts emphasis on the first one, mainly because
the PKI proponents has not been very explicit about identity assertion
model. But the other two models are operating here and there in the IT
security landscape.
--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
Tel. +1-514-385-5691
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
