
Re: Thin PKI won - You lost





in retail electronic transactions ... not only is "identity" fairly irrelevant
... it represents privacy compromise

that is one reason that some of the european parties a couple years ago went to
"relying-party-only" certificates ... we've been able to show for 3-4 years
that using certificate compression techniques such certificates can be
highly compressed to zero bytes (superfluous and redundant to repeatedly resend
copies of information to the relying party that has the original copy of the
information).

the real issue is does any of the transactions have to be offline. the analogy
is the business paper checks of the '60s that had signing limits ... until they
found that people were signing 200 individual checks to achieve their results.

certificates (of whatever kind) represent offline trust propagation between
entities with no prior business relationship. as online becomes more & more
prevalent and online costs drop, the threshold justifying not doing things
online is dropping. the typical current day replacement for the '60s signing
limit paper checks is a corporate purchase card, akin to a form of (online,
electronic) credit card, that in addition to the familiar credit limit (i.e.
real time aggregated balance), also can have business rules about things like
merchant type, specific merchant, merchant location, and SKU (product) codes.

x9.59 (financial industry standard for all electronic account-based retail
transactions) addresses all of this.

the response (to the merchant) doesn't currently have to be signed for
authentication purposes because it comes in via a trusted network. One could
imagine migration to a non-trusted network implementation for the response ...
requiring signed authentication. However, because of the required prior business
relationships there isn't a requirement for offline trust propagation, the
public key of the responding merchant financial entity is simply installed at
the merchant (possibly in a manner similar to the way that root public keys are
delivered in browsers, but under somewhat more strict business controls).

one way of characterising a much thinner form of PKI uses highly optimized
compression techniques for redundant and superfluous information transmission
reducing certificate size to zero bytes in cases of online transaction between
entities with prior business relationship (i.e. in the retail transaction
scenario, there is a consumer instruction to the consumer's financial
institution, and the response is an instruction from the merchant's financial
institution to the merchant).

the transaction value threshold for offline trust propagation involving
certificates that haven't been compressed to zero bytes is dropping as online
becomes more & more ubiquitous and the corresponding cost of online drops.





Camillo Särs <Camillo.Sars@F-Secure.com> on 12/15/2000 04:46:17 AM



I tend to agree with you.  For most on-line transactions, the concept of
"identity" is fairly irrelevant - the real issue for the relying party is
the authorization to perform an action.  Once the high-level legal trust
relationships exist [Read: "If you cheat, we will sue you out of
business."], the remaining issues are mostly about transferring
authorization - delegation - and avoiding fraud by the users.
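
The flow described in the reply above, as an added example that is not part of the original thread: the relying party looks up the signer's public key in its own account record, so no certificate is transmitted, and authorizes online against an aggregate limit and a merchant-type rule. The record layout, the field names and the use of Ed25519 are assumptions made for illustration, not the X9.59 message format.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Account is the relying party's own registration record: key on file, no certificate sent.
type Account struct {
	PubKey        ed25519.PublicKey
	Limit, Spent  int64           // aggregate limit and running total, in cents
	MerchantTypes map[string]bool // business rule: allowed merchant categories
}

type Tx struct { // constructed, hypothetical layout; not the X9.59 message format
	AccountID, MerchantType string
	Amount                  int64
}
func (t Tx) bytes() []byte { return []byte(fmt.Sprintf("%q|%q|%d", t.AccountID, t.MerchantType, t.Amount)) }

// Authorize verifies the signature with the on-file key, then applies the online rules.
func Authorize(accts map[string]*Account, t Tx, sig []byte) string {
	a, ok := accts[t.AccountID]
	switch {
	case !ok:
		return "unknown account"
	case !ed25519.Verify(a.PubKey, t.bytes(), sig):
		return "bad signature"
	case !a.MerchantTypes[t.MerchantType]:
		return "merchant type not allowed"
	case t.Amount <= 0 || t.Amount > a.Limit-a.Spent:
		return "over limit"
	}
	a.Spent += t.Amount
	return "approved"
}

func Demo() []string {
	pub, priv, _ := ed25519.GenerateKey(nil)
	accts := map[string]*Account{"acct-1": {pub, 50000, 0, map[string]bool{"office": true}}}
	t, out := Tx{"acct-1", "office", 20000}, []string{}
	for i := 0; i < 3; i++ { // each is under the limit alone; the third breaks the aggregate
		out = append(out, Authorize(accts, t, ed25519.Sign(priv, t.bytes())))
	}
	t2 := Tx{"acct-1", "office", 1} // amount altered after signing
	return append(out, Authorize(accts, t2, ed25519.Sign(priv, t.bytes())))
}

func main() { fmt.Println(Demo()) }
```

A production instruction would also carry a unique transaction identifier so that a captured signed message cannot be replayed.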