Paul is totally correct in that the currently understood methods of doing PKI
are totally sufficient for dealing with a bit string that represents a trust
relationship. All three of us seem to be in agreement that nobody truly
understands how to actually create said bit string for a general case - and
that's not the PKI's fault, because it's ready. The problem is that the
liveware insists on using very fuzzy definitions of "trust" in the real world,

I suspect this is for a good reason - namely, that liveware insists on behaving according to very fuzzy definitions of "trustworthiness" in the real world, and these definitions are heavily reinforced by social and legal expectations that are themselves fuzzy (and they vary from one time and place to another). Sometimes (not always) we have good reasons for this fuzziness.


The other problem is that people rarely understand why they choose to trust whom they do, to what degree, and for what purposes, at a conscious rational level - which makes it very hard for people to specify a formal policy for whom to trust in software, or to know whether software that implements a trust policy actually reflects their own choices.

But this is very much what I meant by PKIs not reflecting real world trust relationships. I'm really not placing blame on those who have developed PKI - I'm instead saying that reflecting real world trust relationships is a very difficult problem.


Reply via email to