|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
X-Original-To: cryptography@metzdowd.com X-Original-To: cryptography@metzdowd.com Date: Sat, 17 May 2003 08:07:35 -0600 To: "Anton Stiglic" <astiglic@okiok.com> From: Anne & Lynn Wheeler <lynn@garlic.com> Cc: <iang@systemics.com>, <cryptography@metzdowd.com> In-Reply-To: <007201c31af3$2a7c7340$3b00a8c0@p1038mobile> At 11:03 AM 5/15/2003 -0400, Anton Stiglic wrote: >PODS using something =E0 la PGP would not >imply PKI, but still a centralized server >as you said. >Payment systems don't need a PKI, but >a centralized server as you said, and >also needs some kind of financial >institution to bootstrap things (which is easier >to do in a closed system, than in an open >system like the Internet). x9.59 standard for all elecronic payments can use digital signatures w/o=20 PKI or certificates ... just public key registered with account and=20 connectivity to senders financial institution. It isn't "centralized" any=20 more than the existing payment card operation is centralized .... aka huge= =20 number of different consumer financial institutions all with their=20 individual operation and account records. however, much of it is based on a= =20 private network interconnecting all of these financial operations that=20 predates the existing internet ... but effectively functionally equivalent. The existing payment card infrastructures are open in the sense thay they=20 do have an international standard, iso8583 .... in much the same way that=20 certificates have iso international standard. and there are numerous=20 interconnects between the internet and these infrastructure ... witness the= =20 existing electronic commerce. It is less open than the "internet" in the=20 sense that there are contractual, institutional, and financial obligations= =20 that are necessary to directly participate (but i believe that will tend to= =20 be always true except in the cases of toy demos). However, that isn't=20 precluding the migration of more electronic commerce related traffic to=20 internet-based technology in various ways. The issue isn't directly whether= =20 it is internet-related technology or non-internet related technology ....=20 but much more of an issue whether there are explicit legal and other=20 obligations required to participate. x9.59 standard reference http://www.garlic.com/~lynn/index.html#x9.59 account record public key infrastructures http://www.garlic.com/~lynn/index.html#aads -- Anne & Lynn Wheeler http://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm =20 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |