[LINK] Modern PKI [was: RFC: Could CAs Be Eavesdropping on Their Clients?]

Stephen Wilson swilson at lockstep.com.au
Mon Aug 16 05:12:37 AEST 2010

Kim Holburn wrote:
> On 2010/Aug/15, at 4:46 PM, Stephen Wilson wrote:
>> What would 'Internet scale' authentication look like?  What would it
>> provide, and what would it be used for?
> Off the top of my head:
> It sounds like we're trying to map a mathematical encryption model  
> onto a human trust system.  That mapping could only map to a very  
> small part of a human trust system.

By the same token, imposing the "human trust system" on the Internet is 
where I think the wheels fall off.  Why don't we accept that on the 
Internet nobody can tell you're a dog?  If you want to "trust" someone 
then you have to do something out of band.  If we reframed the "trust" 
problem more carefully (in terms of what information is needed in order 
to authenticate a party for the purposes of a given transaction) then we 
would do better with the medium.  In e-business, "trust" is usually a 
red herring, insofar as what I need to know in order to accept most 
routine transactions (prescriptions, orders, tax returns, payment 
instructions ...) is precisely defined credential information.  
Pharmacists for instance don't need to "trust" doctors; instead they 
need to trust the medical credential system.  The stated aim of early 
Big PKI was to enable "stranger to stranger" e-business.  That was 
always hyperbolic nonsense.  Strangers don't do business in the real 
world; what makes us wish this to be otherwise on the Internet?

> Internet scale: Hmmm.... security of transactions between users and
> websites on a world-wide basis?  International as opposed to
> in-country business.  We don't really have a normal way to trust
> businesses in other countries do we?

Let's frame the problem more precisely.  We do have ways to recognise 
defined qualifications across borders.  If I break my leg overseas and 
get treated in a hospital, then when I get home, my doctor and my 
insurance company can indeed recognise the credentials of the overseas 
providers, and "trust" them, and pay my bills (or not).  There are many 
many cross recognition schemes for professional qualifications etc. And 
for technical test regimes.  A car or TV built in Korea can be certified 
to Australian standards before they export it.  Open ended trust is not 
the issue in e-business. PKIs can be built to mirror existing 
authorisation and cross recognition systems.

> Perhaps the whole idea of a PKI as a solid thing that somehow mirrors
> what we have with paper and human communication is just not possible.   
> Certainly not at an international level where we have no model  
> anyway.  The internet is much more volatile and also wide ranging

I agree. If there is a fatal problem with orthodox Big PKI it is that 
the framework could provide "trust".  Successful contemporary PKIs 
(plural) work well by being more modest, and more self-contained.  The 
problem they solve now is how to convey specific qualifications or 
relationships via digital certificates, to be used to automate certain 
types of routine transactions.  Good examples are the G2C PKIs of 
Denmark and Estonia, the healthcare PKIs of Austria, France, Slovenia 
and Taiwan, the conveyancing system in New Zealand, the set-top box PKI 
of the cable TV industry, and Skype.


Steve Wilson
