Re:need help from the ietf list...PKI

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




I agree. With my mortgage customers (MISMO.org related) I have argued that private certs signed by their business partner is better than a cert issued by a well known cert company. Anyone can buy a cert from the well known company. A cert signed by your business partner can not be bought from any vendor. And if managed correctly they can add/delete employees and application certs real time.


However, PKI does not help e-commerce or financial transactions, as discussed in my recent paper: "Meaninglessness of Public Key Cryptography for Authentication on Consumable Credential" (presented in Japan in Japanese):

    Abstract: For electric transactions, the essential benefit
    of public key cryptography over shared key cryptography is
    that it is not necessary to communicate with Certificate
    Authority on each transaction. However, it is meaningless
    to use public key cryptography for authentication on
    consumable credentials, such as authentication of remaining
    credential in account for electric payment, as fraud with
    tremendous damage is easily performed, unless communication
    with authorities to manage the account decrease remaining
    credential is required on each transaction.

The problem of PKI without realtime management of remaining
credential is that an attacker can use 1K USD worth of certs
from 1000 different locations for 1000 seconds 1000 times a
second, total amount of damage of which is 1T USD.

Credential can be created only with direct communication.

Masataka Ohta



--


Doug Royer                     |   http://INET-Consulting.com
-------------------------------|-----------------------------
Doug@xxxxxxxxx                 | Office: (208)520-4044
http://Royer.com/People/Doug   |    Fax: (866)594-8574
                              |   Cell: (208)520-4044

We Do Standards - You Need Standards


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]