
Re: A $25,000,000,000 PKI Was:Spec. on QC-low-fat & QC-heavy-bio



Anders,

<snip>

Well, at least we agreed on much of the SET stuff.

>>Since most of the purchases over the web are
>>done from PCs, the thin client argument is not relevant.
>
>That is true for the current situation - not for the mobile future though.

Maybe I should call the cell phone an anorexic client, not just a thin
client :-).  Advocates of other approaches to mobility assume more
powerful computation bases, as we discussed earlier.  The cell phone (PCS)
is one, speculative approach.  It may be just as successful as the VSAT
technology that was poised to sweep the data networking industry in the
mid-80s.

>Hum, maybe you should take a look at GlobeSet's (a leader in SET) ServerWallet
>and see why they developed it.

I'll look into it.

<snip>

>>The solution you propose is definitely NOT high quality.
>
>By design?  I am fully convinced (not such a big surprise though :-))  that if
>the CyberPhone concept and associated server technology is developed by
>the best brains in the industry it could match any quality standards.
>Regarding the security model it is not so far from a PKI-only version of
>Kerberos which seems to be highly regarded by security people.

Kerberos is not used for applications requiring non-repudiation, whereas a
primary motivator for PKI use is NR.

>>It is an effort to
>>take advantage of devices with limited capabilities, and skew security
>>design principles to accommodate these limitations.
>
>CyberPhone does a LOT more than address devices with limited capabilities.
>It also addresses certificate management, traceability and transaction
>logging, business transaction models, and last but not least end-user
>security including resource loss, revocation, backup and recovery.

I believe that all of the other issues you cite here are addressable via
means that do not require creating a proxy private key agent.

Steve