[9990] in cryptography@c2.net mail archive
Re: CFP: PKI research workshop
daemon@ATHENA.MIT.EDU (Karsten M. Self)
Wed Dec 26 17:48:40 2001
Date: Wed, 26 Dec 2001 14:34:41 -0800
From: "Karsten M. Self" <kmself@ix.netcom.com>
To: cryptography@wasabisystems.com
Message-ID: <20011226143441.B26325@navel.introspect>
Mail-Followup-To: cryptography@wasabisystems.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="Q0rSlbzrZN6k9QnT"
Content-Disposition: inline
In-Reply-To: <3.0.3.32.20011226074513.032b4008@mailbox.jf.intel.com>; from cme@jf.intel.com on Wed, Dec 26, 2001 at 07:45:13AM -0800
--Q0rSlbzrZN6k9QnT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
on Wed, Dec 26, 2001 at 07:45:13AM -0800, Carl Ellison (cme@jf.intel.com) w=
rote:
> Ray,
>=20
> if you look at PKI as a financial mechanism (like credit cards),
> then I see two major problems:
>=20
> 1. the PKI vendors aren't financial institutions, so they aren't in a
> position to assume risk and make money from that
>=20
> 2. the current PKI thinking (e.g., with "rebuttable presumption of
> non-repudiation") is anti-consumer, when viewed as a financial
> mechanism, and I can't imagine that succeeding even if the vendors
> were banks.
I disagree with this premise. I also see PKI being as strongly
pro-vender. With consumers legally, and banks contractually, sheltered
from the bulk of credit card fraud risks, the burden falls on merchants.
I would expect that a merchant-based initiative to produce a
non-refutable electronic payment system would see some favor. With
current retail numbers in the toilet, any opportunity to shave losses
should meet some favor. A number of merchants have their own credit
payment systems, and might be the source of such an initiative.
The next battleground becomes rights to public privacy in the face of
such systems. I'm curious as to systems which might use various forms
of one-time keys or tokens to validate transactions, there was some
discussion of this 1-2 years back, with a system proposed by AmEx IIRC,
but little followup.
Peace.
--=20
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What part of "Gestalt" don't you understand? Home of the brave
http://gestalt-system.sourceforge.net/ Land of the free
We freed Dmitry! Boycott Adobe! Repeal the DMCA! http://www.freesklyarov.org
Geek for Hire http://kmself.home.netcom.com/resume.html
--Q0rSlbzrZN6k9QnT
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8KlCAOEeIn1XyubARAm2pAJ4qUDdGzNQP0p50O6NOA9Jv0o9eFACgjbsz
J8Ds9ax5oMqxYf3WR7dFlT4=
=eb4f
-----END PGP SIGNATURE-----
--Q0rSlbzrZN6k9QnT--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
