Phillip Hallam-Baker wrote: > You can design a PKI to meet many different needs. No, PKI can be designed for imaginary needs only with no real security. > Identity is one purpose, but not a very useful one. It is an example of imaginary security. > If you want security from a > PKI you will do better with a validation system that provides > accountability. Real accountability needs a real account with real *M*O*N*E*Y* in it. If you loss $1M by a wrong operation of a CA, the CA should be able to compensated the amount of the loss, which is the accountability. *M*O*N*E*Y* is the reality. Then, what if, a wrong operation of a CA causes $1000 loss for 1M people? Bankruptcy of the CA does not help the people. A CA charging $2000 for 1M certificates may have $1000000000 in its account and may be able to compensate $1000 loss of 1M people. But, what the point of people paying $2000, only to receive $1000 compensation? It's better for the people not to pay anything to the CA. What if, if the loss is $1M loss for 1M people? The only thing serious CAs can do is to make the possibility of wrong operation absolute ZERO, which is not human and costs infinite amount of money, which makes the CAs not profitable. On the other hand, less serious CAs do little, if not nothing, and just sell imaginary security at low cost to people who really need real security. That's how PKI is designed and CAs work. PKI is a system of fraud. Masataka Ohta _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf