RE: Certificates, Directories, and Distinguished Names

[Tony Bartoletti <azb@xxxxxxxx>]

Just a General Observation:

The "pack-it-in-the-cert"/"pack-it-in-a-directory" debate seems to
parallel, in some ways, the recent thread on Anders' "CyberPhone"
approach to outsourcing one's private-key handling.

And "convenience," indeed, can only be ignored at one's peril (in
a business model, at least:)

Over all of this, I cannot help but be reminded of those who lived
through the Great Depression, and to this day feel uncomfortable
placing their money in banks.  They will insist upon dealing in
"cash", the kind they can stuff under their mattress, or bury in
a steel box in the backyard.  Foolish at it may seem to most, they
insist upon being the final arbiters of their security/destiny,
however ill-equipped to the task they may be.

No amount of argument that, statistically, their money would be
safer in a bank, or as bits-on-a-disk, will dissuade them.
(And who knows, in the long run, if they will be wrong or right?)

Must we promote a world so hostile to these individualists (they
are many, if not majority) that they become shut-out of the future
benefits that PKIs may afford?

Is this concern not a silent undercurrent to many of these debates?

___tony___



Tony Bartoletti                                             LL
Center for Information Operations and Assurance          LL LL
Lawrence Livermore National Laboratory                LL LL LL
PO Box 808, L - 303                                   LL LL LL
Livermore, CA 94551-9900                              LL LL LLLLLLLL
phone: 925-422-3881   fax: 925-423-8002               LL LLLLLLLL
email: azb@llnl.gov                                   LLLLLLLL