note that the certificate-based PKI is an offline model .... it is the credit card model pre-1970. the certificate-based PKI tends to bear a lot of other resemblance to pre-1970 offline credit-card model .... the CRLs invention is very similar to the paper booklets that were mailed out to merchants every month of invalid credit card numbers (the credit-card industry however had a significant advantage having a very strong relying-party registration function .... so that there was high probability of relying-parties getting the paper booklets of invalid numbers).
in the '70s, the credit card industry switched from an offline infrastructure (aka similar to the certificate-based PKIs which were effectively developed to address the offline email infrastructure of the early 1980s) to an online infrastructure ... where every transaction was executed online. A certificate-based PKI for credit cards would be like regressing 30 years to the offline infrastructure (although using more convoluted and complex technology). The issue is why would the payment card industry want to regress 30 years to an offline model with certificate-based PKI?

The financial industry has passed an online payment definition that does use digital signature technology w/o all the complexity and shortcomings of a certificate-based PKI (that would set-back/regress the infrastructure 30+ years to the offline model) .... which is X9.59. Basically X9.59 defines a retail payment object that is valid for ALL electronic online financial transactions (internet, non-internet, point-of-sale, debit, credit, ACH, etc) which basically requires a digital signature and does not require a certificate-based PKI. The simplest analogy is that digital signature technology upgrades the PIN-based infrastructure found in current debit transactions and expands it to all electronic financial transactions.

There have been some financial pilots using certificate-based PKI operations .... but in all cases it is relatively trivial to show that the certificate is redundant, superfluous and extraneous in an online world. The certificates were effectively relying-party-only certificates (basically containing an account number and a public key) .... in part to meet liability and privacy requirements. Since only an account number was used and the transactions &/or other operations were all online ... they all referenced the account in order to execute the requested operation.
It is trivial to show that given online operation execution (including things like "logging in" for various kinds of things related to online banking and/or other financial or securities industry transactions) .... that it is superfluous to have the certificate. The certificate makes sense in an offline environment where there is no prior business relationship between the entities. Given online situations involving parties with prior relationships, certificates make no sense.

misc. x9.59 references:
http://www.garlic.com/~lynn/indec.html#x959

misc certificate-less digital signature references (including pointers to the NACHA/debit network implementation ... and a private key hardware token description allowing the same private/public key to be used in an arbitrary large number of different & public operations):
http://www.garlic.com/~lynn/index.html#aads

random client digital signature authentication refs:
http://www.garlic.com/~lynn/subtopic.html#radius

misc. discussion of certificate-based SSL domain name operation:
http://www.garlic.com/~lynn/subtopic.html#sslcerts

ray dillinger <[EMAIL PROTECTED]> on 12/26/2001 12:03 pm wrote:

Yep. So far, that's true. Financial stuff is the only killer app in sight for a PKI, and the financial services sector is conservative and heavily regulated. There is a substantial barrier to entry: just try to imagine running off a few thousand PKI-backed credit cards and going into business competing against mastercard/visa/amex. Vendor acceptance is slow and the regulatory hurdles are high.

........

Odds are, however, that each and every one of them is going to want their own PKI -- where P stands for Private, or Proprietary, rather than Public. A Public Key Infrastructure happens when the chaotic situation which that brings about gets consolidated and standardized, so don't look for that for at least a decade.
Basically we have no chance of getting a Public Key Infrastructure in place right now because we don't have enough different Private Key Infrastructures in place for it to have started to hurt yet. People won't go for the PKI until they are in some kind of pain that it relieves. And if financial services businesses are involved, they will do it in such a way that no PKI vendor ever makes a profit they could possibly have made themselves. Look for them to be buying regulations that say PKI is part of financial services and can only be provided by licensed financial services corporations sometime in the next few years.

Like I said, don't get too discouraged -- these things happen slowly and it's very much a matter of stages of development. People don't do things until the pain of not doing them gets worse than the pain of doing them. Public Key comes about when Private Keys have been common for several years and their multiplicity causes pain. That in itself will take several years after the Private Key structures are fully adopted. The Private Key structures get adopted several years after the profit margins, split between consumers, vendors, and financial institutions, each overcome the pain of changing infrastructure. That will take several years after the initial offering.

The initial offerings are happening now in very restricted markets, but don't look for it to happen in domestic consumer markets until the results of the restricted-market offerings are several years old and the technology involved hasn't changed AT ALL for several years. They are looking for a technology that's been in use long enough to establish a baseline and get results that look stable and repeatable. That's when financial services companies will begin to take them seriously enough to consider that the pain of deploying new infrastructure may overcome the pain of absorbing losses due to fraud.
These are just network effects: PKI will trickle through at the end as surely as water runs downhill, because it's a better solution. It's just going to take a decade or two, or maybe four or five decades if there's a substantial monopoly somewhere in the industry.

Bear

---------------------------------------------------------------------
The Cryptography Mailing List