[LINK] Modern PKI [was: RFC: Could CAs Be Eavesdropping on Their Clients?]
stil at stilgherrian.com
Mon Aug 16 09:07:25 EST 2010
On 16/08/2010, at 5:12 AM, Stephen Wilson wrote:
> Big PKI was to enable "stranger to stranger" e-business. That was
> always hyperbolic nonsense. Strangers don't do business in the real
> world; what makes us wish this to be otherwise on the Internet?
Surely strangers do do business in "the real world"? But generally only conduct transactions of a value or risk that is appropriate for the level of "perceived trustworthiness", I'll call it, of the other party. Or of the business systems.
If by "the real world" you mean face-to-face, I conduct business with a stranger every time I but a pie from a bakery I've never visited. I do know know who the anonymous person is talking my money, nor do I know they've made the pie safely. But the circumstances of having a shop that hasn't yet been closed down is a powerful signifier that others continue to trust it, and so I accept that risk. "Can I have a pie thanks?" "Sure, that'll be $3.50 but I'll have to warm it up." I reckon I'd still hand over my money at that point.
"Don't get up, I'll grab your round. [extends hand to take $10 note]" Will he actually run away with the money or buy your drink and bring it back?
Advert on TV with 1800 number.
Website with shopping card and SSL-secured checkout.
Where in this stack does "the real world" end? Nowhere, I contend. It's all a continuous, but less-well-trusted signifiers.
That's enough amateur semiotic for a Monday...
Trust is a psychological state, not maths.
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 8569 2006
ABN 25 231 641 421
More information about the Link