i have pointed out in multiple threads and numerous times (a number of times when you have raised this or similar question in the past) .... that there has been some history of x.509 identity certificates from the early 90s and that the in the mid-90s, many financial institutions around the world retrenched to relying-party-only certificates .... because of the enormous privacy and liability issues associated with the x.509 identity certificates. I was at a presentation by one of the large german banks at the 1998 21st nissc conference in DC ... on the enormous privacy and liability issues associated with x.509 identity certificates and the requirement for relying-party-only certificates (effectively only containing an account number and public key). There were payment transaction designs and deployments from the mid-90s that also used relying-party-only certificates and had made some reference to the enormous privacy and liability issues associated with x.509 identity certificates.
lots of past postings on relying-party-only certificates: http://www.garlic.com/~lynn/subpubkey.html#rpo the issue that i've also pointed out multiple times in the past is that for online transactions involving replying-party-only certificates, that the relying-party-only certificates can typically be shown to be redundant and superfluous ... since the relying-party is the issuing party ... and therefor already has a registered copy of the public key (typically stored in an account record which will be referenced as part of any online transaction). the ancillary issue from some of the payment transactions from the mid-90s using relying-party-only certificates for online iso 8583 payment transactions was that there was enormous payload bloat with various relying-party-only certificates being approximately two orders of magnitude larger in size than typical base iso 8583 transactions. there has also been some sporadic discussions that sometimes there is confusion between identification and authentication and that there are times that identification has been specified when authentication would have been sufficient. at 9/21/2004 12:27 am, anders wrote: Exactly what are you addressing here??? 1. That EMV is a bad idea since it (optionally) uses PKI? Could very well be so but EMV is also an off-line thing as the EMV founders incorrectly thought that not many countries could afford broadband! Regardless how right of wrong this assumption may be, those who actually are prepared to convert to accepting chip-cards, probably have broadband as well. That is, a core EMV idea is indeed ill-founded! 2. That ID certificates are redundant? As ID certificates is an FI add-on service to be used by thousands of independent e-gov relying parties using a common national identity scheme, there is no viable alternative to PKI except using a gateway approach which is fairly much the same trust wise. The difference is that some people do not believe that gateways can sign but schemes running in Norway shows that this is piece of cake. At least technically! Anders -- Internet trivia, 20th anv: http://www.garlic.com/~lynn/rfcietff.htm
