[2454] in cryptography@c2.net mail archive
Reply to "ABA" becomes root CA for financial services industry
daemon@ATHENA.MIT.EDU (Kawika Daguio)
Wed Apr 8 13:56:59 1998
Date: Wed, 08 Apr 1998 12:23:18 -0400
From: "Kawika Daguio" <Kdaguio@aba.com>
To: dcsb@ai.mit.edu, cryptography@c2.net, dbs@philodox.com
Cc: alivings@aba.com, jbyrne@aba.com, tgreco@aba.com
The text below this line are my words and perspective and should not be =
interpreted or characterized to others as the formal views of the =
organization and institutions I normally represent.
****************MY WORDS*****************************************
Bob,
I have been championing this idea for 4 years and everyday grow more =
convinced of the soundness of the idea and the architecture I have been =
proposing. Since I am not running this project, objections, if any, =
should be raised with others on the CA project management team. We have a =
large team of staff, consultants, and other stakeholders running and =
working on this project that are second to none in the PKI world. I am =
in the best position of anyone, I think, to defend the idea in this =
space, as well as the goodness of the proposed policy and technology =
architecture. Obviously there are a range of perspectives on these =
issues, and we appear doomed to disagree, but I wanted to try to inform =
you about the initiative and thus try to change your mind.
As I see it, hybrid (hierarchy and network) PKI models like the one we =
will be building and operating will play a critical role in the development=
of ecommerce by enabling and facilitating both bilateral and clearinghouse=
type relationships between FIs.
Associations, including clearinghouses, serve policy and operational roles =
that add value today and will do so in the future, despite some who may =
make claims to the contrary. =20
Managing trusted key distribution solutions and directory services =
supporting 15,000 insured depository institutions is not a trivial or =
unimportant task, dealing with and accommodating an even wider community =
is even more challenging. Developing a flexible policy space and =
infrastructure framework that will permit FIs to do it right, do it soon, =
and do it their way is a task that simply cannot be left to chance and =
time alone.
Institutions moving trillions of dollars a day are not interested in =
letting the market, technology, infrastructure, and law develop unguided =
at a snails pace and at their expense. I believe that, "Serious business =
requires serious security and reliability" and challenge anyone to defend =
the current infrastructure as adequate to the task. Our infrastructure =
will support related infrastructure deployed by others that will permit =
trust to be extended on a basis and on networks that were previously =
infeasible. We want to jumpstart policy driven processes that lead to =
large-scale, global ecommerce and banking. I think this is a noble cause, =
worthy of wide support rather than criticism.
As I see it, our role is to help financial institutions deploy their own =
PKIs and facilitate sound policy compliant use of authentication and =
encryption technologies as risk management tools, where ever and whenever =
they think it appropriate. =20
This initiative will be led and governed by bankers and other financial =
services industry stakeholders who will be setting both policy and =
operational requirements. I expect bankers (including I-bankers) will =
put on their "relying party hats" when setting these requirements and also =
expect them to place tremendous stress on assurance (reliability and =
security) to a far greater extent than required in any other commercial =
sector. Relying parties with serious money (risk) on the table will be =
driving this thing. They will, if anyone can, do this right. I am just =
here to help.
long time no correspond -
please reply to me directly as well as to the crossposted lists.
aloha...kawika...
