At 11:01 AM 11/5/2001, [EMAIL PROTECTED] wrote: >The problem with all authentication technologies in use today from >biometrics to PKI to digital certs, all finesse the identification process >and push it off to some "trusted" third party...all without clearly >defining what that third party must bring to the table.
Perhaps this is why I'm expecting PKI to flourish primarily within enterprises that run their own CAs as opposed to third parties, at least in the near term. Although a few third party credit card vendors got things started decades ago, credit cards didn't really blossom until after a period in the '60s and '70s during which many/most individual enterprises issued their own cards. This allowed the enterprises to learn by themselves what the costs, risks, and rewards were. They had the opportunity to decide for themselves what risks to take and directly experience the results. Only after the enterprises developed this internal awareness of the real implications of such cards could they understand the system well enough to know what it meant to sign up with Visa, MC, or one of the other big names. At least, that's my reading of the history, and how it might apply to PKI or other authentication technologies. It seems to me that the concept of identity is application specific (and thus enterprise specific in a sense), which makes it tricky for an 'authentication vendor' to try to provide a general 'identity' solution except maybe through 'AAA' products. Rick. [EMAIL PROTECTED] roseville, minnesota "Authentication" in bookstores http://www.visi.com/crypto/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]