Re: A $25,000,000,000 PKI Was:Spec. on QC-low-fat & QC-heavy-bio

[Stephen Kent <kent@xxxxxxxxxxx>]

Anders,

>> Nobody has a lot of experience with large
>>scale deployment of PKIs in these contexts, so a statement about the
>>relative difficulties of deployment of certs to end users vs. the approach
>>you propose is premature. Insecure servers are a growing problem for
>>businesses, so I also challange your second assertion.
>
>SET is an example of a large-scale PKI deployment that has _almost_
>flopped due to some of the factors that CyberPhone solves. Like:
>
>Certificate distribution
>Thin client sw
>Mobile universal usage

I know a numnber of reasons why SET has not been accepted in the U.S., if
that's the context you're citing, and they are largely independent of the
issues you cite.  For example, U.S. consumer protection laws make the
advantages of SET over simple use of SSL and a credit card number
unattractive to users.  Since most online merchants can make a fair amount
of money despite the security limitations (e.g., lack of origin
non-repudaition) of the current paradigm, there is insufficient motivation
for them to change to SET.  Since most of the purchases over the web are
done from PCs, the thin n client argument is not relevant.

><large snip>
>>Finally, your proposal is clearly focused on one particular deployment
>>model, which may or may not be realized.  There are others, based on more
>>computationally capable, mobile, personal devices, e.g., PDAs.
>
>Computationally capable devices do not solve
>client certificate or client software distribution.

Most of the client cert distribution problems I've had client discuss are
not solved by your proposal, merely through centralization of certificate
storage and by having a server act as a proxy for applying signatures.

>The market for mobile phones is so much bigger than for other
>devices (PDAs, PCs) etc. so IF this solution gets wide acceptance on
>the mobile phone market - most other client PKI solutions MAY just die.
>I.e. why pay additional money for certs, readers, software if your
>employees already have a high-quality solution in their hands?

All of our employees have computers, those who travel have laptops.  Not
all have cell phones.  of the ones that do have cell phones, few would be
capable opf making use of the certs you describe, i.e., not many are PCS
phones.

The solution you propose is definately NOT high quality. It is an effort to
take advantage of devices with limited capabilities, and skew security
design principles to accommodate these limitations.  Such an approach might
be commercially successful; as others have pointed out, convenience and
good marketing often win out over other factors.  But that doesn't mean we
have to
skew our standards to embrace such approaches.

>BTW, why do you think MSFT is so interested in the mobile phone market?
>Because it is there the future of IT is happening!

Microsoft is interested in almost everything; after missing the Internet's
initial surge they hedge their bets extensively, a luxury that comes from
having so much money to play with.

>> As I said
>>before, you should pursue any implementation approach you think is
>>fruitful, but don't ask this standards body to tailor parts of its work to
>>facilitate your (decidely nont mainstream) approach to using certs.
>
>It COULD  become mainstream...
>
>Now we both know pretty well where we stand in this case so
>could please somebody else comment on this?

I'm sure they will.

Steve