On Mon, Dec 15, 2003 at 12:05:50PM -0800, Tony Hain wrote: > Hence my original comment that the politicians need to broker the trust > relationships. There will clearly be multiple technical relationships, with > very different characteristics, just as there are for inter-personal trust > relationships outside the technical space. The fundamental point is that the > IETF is not capable of (nor in any position to) further the deployment of > PKI's until the non-technical aspects get resolved. On a global scale that > role has traditionally belonged to the ITU, so that would be a good place to > go as the next step. There are undoubtedly other organizations that need to > be involved on smaller scales, but this is a case where a top-down > consistent framework will probably make the technical job easier down the > road. Any way you want to define it, this is an aspect of Internet > governance, and it clearly doesn't belong to either ICANN or the IETF. The rest of us clearly have our disagreements about what the term PKI is currently used for, and how important public key technology is. But I run into very very few people who are waiting for, or even wanting, this sort of world-wide, top-down vision of it, as part of some government-controlled infrastructure like roads and traditional telephone systems. Like most innovative and good things, productive use of public key technology grows best from the ground up, with private infrastructures that in time will be based on common forms of shared data. That again is where federations come in. And it requires applications and tools and policies that work well with lots of keys from lots of sources, and allow users to control which keys are shown to which relying parties. Neal McBurnett http://bcn.boulder.co.us/~neal/ Signed and/or sealed mail encouraged. GPG/PGP Keyid: 2C9EBA60
Attachment:
pgp00378.pgp
Description: PGP signature