RE: Finding PKIX Servers!

[Alan Lloyd <Alan.Lloyd@xxxxxxxxxxxxxxxxxxxx>]

Sorry about being me again - but I just love these lines from people
that dictate what the whole world does.

> -----Original Message-----
> From:	Perry E. Metzger 
> Sent:	Tuesday, February 09, 1999 3:28 AM
> To:	kudzu@dnai.com
> Cc:	Andrew Probert; ietf-pkix@imc.org
> Subject:	Re: Finding PKIX Servers!
> 
> 
> Michael Sierchio <kudzu@dnai.com> writes:
> > "Perry E. Metzger" wrote:
> > 
> > > To put it another way: when you walk in to the book store to buy a
> > > book, the store doesn't care a bit about who you are. They care
> about
> > > whether they will be PAID, and knowing you have a valid cert tells
> > > them nothing about that. What they need is a signed statement from
> their
> > > accepting bank saying they will be paid -- and that doesn't
> require a
> > > Global PKI to set up. It might use a PKI set up by the bank or
> credit
> > > network for its own use, but it doesn't need a *GLOBAL* PKI.
> > 
> > There are two separate issues here -- if we're talking about
> > presenting a cert as part of authorizing a transaction,  the
> > merchant may very well be interested in identity -- certainly
> > in non-repudiation.
> 
> Again, no, this is not the case.
> 
	I would never, repeat never say in one paragraph what the whole
world does when vetting a transaction with a customer across a counter
and who does the authentication and transaction verification. One can
only cite that in some cases (a) happens and in some cases (b) happens.
Sometimes I get asked for a passport or driving licence to prove who I
am when doing bank transactions and sometimes not.

	By making such a statement (as below) one can only assume you
have met every merchant in the whole world :-)

	SNIP

	regards alan